Sonoma State University students received an email warning on Sept. 1 about the dangers of scams designed as emails seeking personal information, more commonly referred to asphishing scams.
Phishing, as defined by the Federal Trade Commission, is “when internet fraudsters impersonate a business to trick you into giving personal information.”
A typical phishing scam consists of cyber criminals sending a phony link asking recipients to provide personal information, such as social security numbers or bank account information. Unaware that it is a scam, recipients oblige, providing the sender with sensitive personal information.
Andru Luvisi, the information and security officer for police and safety services at Sonoma State, sent an email warning the campus community about the dangers of phishing.
“There’s always some phishing going on, but when we see heightened activity, we like to send out a reminder,” said Luvisi.
Some Sonoma State students found the email to be very well timed.
“The email was helpful because now we all know what phishing is and to look out for it,” said junior communications majorAlice Tennigkeit.
Luvisi said phishing scams have been around for many years, and emails can come from a number of different sources.
“I’ve seen phishing emails claiming to come from a huge number of sources, including auction sites, online bookstores, internet service providers, email services, banks and the Sonoma State IT Help Desk,” Luvisi said.
A Better Business Bureau study found that the younger, more educated demographic is often targeted. The study collected data from more than 30,000 individuals and found that 34 percent of 18 to 24 year olds lose money in online scams.
A North Carolina State University study found that out of a group of 53 undergraduate students, only 7.5 percent were able to identify all of the scam emails. Emails are created to look realistic and believable, making it harder to identify them as a phishing scam.
According to the Federal Trade Commission, emails will often request account information to be updated due to suspicious activity, request information verification by clicking a link, or warn that accounts may be suspended or even closed if information is not provided.
There are a number of different ways to identify phishing scams, as well as tips to help prevent yourself from becoming a victim.
In his email, Luvisi advised students to never respond to any spam or phishing emails, and to never click suspicious links or attachments. He also advised students to never provide account information through email, and reminded students that Sonoma State’s IT department will never ask for a username and password in an email.
Luvisi recommends Sonoma State students change their passwords immediately if they become a victim of phishing.
“Phishing doesn’t just affect your individual security. It also affects campus security because if your account is compromised, the attackers are able to use Sonoma State’s system for illegal purposes, such as sending out additional spam and phishing emails to others,” said Luvisi.
If you receive a suspicious email, report it to the Anti-Phishing Working Group at firstname.lastname@example.org.
Sonoma State students who receive a suspicious email can contact the IT Help Desk at 707-664-HELP or IT.Helpdesk@sonoma.edu.