Phishing

                                                                                                                                    Alert: Current Phishing Scams

Protect Against Phishing

Phishing is a form of social engineering. Phishing scams appear to originate from a trusted source to trick a user into entering valid credentials or attempt to lure you into revealing your username, password, and other personal identifying information (PII), or clicking on a malicious attachment.

Phishing Statistics

 
Phishing Victims

In 2023, over 298,000 people in the United States reported being victims of phishing attacks, which is a 0.5% decrease from 2022

Source: https://www.statista.com/statistics/

Email Phishing

Phishing email statistics suggest that nearly 1.2% of all emails sent are malicious, which in numbers translated to 3.4 billion phishing emails daily.

Source: https://www.zdnet.com/article/

Phishing Impersonated Brands

Highly impersonated brands for phishing are Amazon and Google at 13%, Facebook and Whatsapp at 9%, and Netflix and Apple at 2%. 

Source: https://www.getastra.com/

 

Types of Phishing Scams

 

How Do I Spot Phishing Scams?

1. Recognize (look for these common signs)

  • Urgent or emotionally appealing language, especially messages that claim dire consequences for not responding immediately
  • Requests to send personal and financial information
  • Untrusted shortened URLs
  • Incorrect email addresses or links, like amazan.com
  • A common sign used to be poor grammar or misspellings although in the era of artificial intelligence (AI) some emails will now have perfect grammar and spelling, so look out for the other signs.

2. Resist

  • If you suspect phishing, resist the temptation to click on links or attachments that seem too good to be true and may be trying to access your personal information. Instead, report the phish to protect yourself and others. Typically, you’ll find options to report near the person’s email address or username. You can also report via the “report spam” button in the toolbar or settings.

3. Delete

  • Delete the message. Don’t reply or click on any attachment or link, including any “unsubscribe” link. Just delete. 
 

How Do I Report Phishing Emails?

  1. If you receive a Phishing Email:
  2. After reporting to [email protected], If you are using the Gmail interface, you can report phishing directly to Google:
    1. Sign in to Gmail.
    2. Open the message you'd like to report.
    3. Click the triple-dot icon next to Reply, at the top-right of the message pane.
    4. Select Report phishing.
 

Get Help

To request a service, visit the IT Help Desk and create a ServiceNow Ticket.

Get Help

To request a service, create a ServiceNow Ticket and assign the ticket to “IT-ITSO-Help Desk”.

IT Security Office
Administration Building
https://it.sdsu.edu/get-help

Report an Incident

Please contact the Information Security team immediately if you experience or are aware of any of the following: