Recognizing Phishing Attempts

Recognizing Phishing Attempts is key to staying safe while using university technology for communication and to protect your information. A phish refers to online fraud, in which you are tricked into revealing personal information for the purpose of identity theft (email account, banking information, etc.). It can appear in various forms such as suspicious emails, text messages, or even phone calls!

Learn more about the common types of phishing below!

Phishing emails are deceptive messages designed to trick recipients into clicking malicious links, opening harmful attachments, or sharing sensitive information.

These emails may come from external sources or from compromised �� student accounts, making them appear legitimate. Learning how to recognize and report phishing emails helps protect your account, personal data, and �� systems.

Important Tip: A phishing email can lead to a smishing or vishing attempt—This may happen if your phone number was submitted in a web form and the attacker attempts to text or call you for more information. Do not provide information.

Smishing is a type of phishing delivered through text messages that attempts to trick you into clicking harmful links or sharing personal information.

In some cases, a phishing email can lead to a smishing attempt—such as providing your phone number in a web form. The attacker may attempt to call or text message you after receiving your phone number. Do not provide information.

Vishing is a type of phishing conducted through phone calls or voice messages where attackers impersonate trusted organizations or individuals to trick you into sharing sensitive information.

These calls may come from external sources or spoofed phone numbers, and sometimes follow phishing emails or text messages to seem more legitimate. Hang up and do not provide information.

Quishing is a form of phishing that uses QR codes to direct users to fraudulent websites or prompt them to share sensitive information.

These QR codes may appear in emails, flyers, posters, or digital screens and can come from external sources or compromised accounts, making them seem legitimate. Do not provide information.

Report Phishing

You can report a phishing email through two methods:

Forward the suspicious email you received to alert@csulb.edu
When viewing an email in Outlook, click the "Report phishing" button in your Outlook.

Report Phishing shield button within Outlook for Web Interface — Example of "Reporting a phish" in Outlook.

University Resources

Review the following university resources available on phishing and common scams:

University Police has provided a list of commonly reported scams. Familiarizing yourself with these may allow you to spot early warning signs. View Article on Common Types of Scams
The Division of IT has provided a tool capable of helping detect warning signs within an email you receive.

��

Academics

About

Alumni

Campus Life

Divisions

Resources