Search
eHelp  

eHelp » Scams & Phishing

Scams & Phishing

• "Telltail" Signs of Phishing
• Recent Phishing Examples that Purport to be from Cal Poly Pomona
• Tips - How to Avoid Being "Hooked"
• Additional Resources
  • Did you know?

"Telltail" Signs of Phishing

To safeguard your personal and financial information, be cautious when responding to email requests.  "Phishing" is the process of trying to acquire sensitive information (i.e.: usernames, passwords, credit card information, etc.) by masquerading as a trustworthy source in an electronic communication (i.e.: email or instant messaging). Phishing is one of the most popular methods employed by scammers to obtain your sensitive information.  The scammer offers to provide money or a service upon the receipt of your personal information.

No one officially connected to Cal Poly Pomona will email you asking for any of the following sensitive information:

• BroncoPassword or Passphrase
• Social Security Number
• Bank or Debit Card Information
• Pin Number
• Credit Card Information
• Date of Birth
• Driver’s License Number/ State ID Card (Any Other Forms of National or International Identification)
• Home Address
• Mother’s Maiden Name
• Nationality
• Medical History
• Criminal History
• Psychological Counseling Records
• Etc.

The above list of sensitive information is not exhaustive.

back to top

Recent Phishing Examples that Purport to be from Cal Poly Pomona

Example: "UPDATE YOUR EMAIL ADDRESS"

Scam Overview:

Email title:	UPDATE YOUR EMAIL ADDRESS
Scam target:	Cal Poly Pomona Students, Faculty and Staff
Email sent:	Friday, August 15, 2008 7:35 AM
Sender:	Unknown
Scam objective:	Obtaining First and last name, Cal Poly Pomona email address, username, password and birth date and country of residence
Phish link method:	Reply to email with sensitive personal information
Is link masked?	N/A
Visible link text:	N/A
Actual link to:	N/A

 

An email stating that your Cal Poly Pomona email account will be closed can look convincing. However, upon closer inspection, note the inconsistencies in capitalization, punctuation, spelling and/or grammar.

1. Note the capitalization errors in the greeting and first sentence.
2. Note the spelling error in the second sentence of the first paragraph - "We are currently upgrading our data base and e-mail center." The words "data" and "base" should be written as one word.
3. Note the grammatical error in the third sentence of the first paragraph - "We are deleting all unused csupomona.edu to create more space for new one and also increasing the junk mail bluker."
4. Also note the spelling error in the third sentence of the first paragraph. "Bluker" should be spelled "blocker".
5. Note the punctuation error in the first sentence of the second paragraph - "To prevent your account from closing you will have to update it below so that we will know that it's a present used account." There should be a comma after the word "closing".
6. Also note the grammatical error in the first sentence of the second paragraph.
7. Note the capitalization error in the sentence below the information request section.
8. Note the format error in the second to the last sentence.
9. Note the spelling error in the last sentence - "Thank you for your anticipated co-operation."
10. Additionally, an anonymous greeting of "Dear csupomona.edu Email Owner" should raise suspicion. Anonymous greetings are characteristic of scams.
11. The phish email is sent from an address that purports to be from a Cal Poly email address. The sender's email address should immediately raise suspicion. If you look at the domain name - "ptrick.com", it shows that the email is not from any one officially connected to Cal Poly Pomona.
12. And finally, note the message below the signature line - UNIVERSITY OF MALAYA - "Producing Leaders Since 1905". A message purporting to be from Cal Poly Pomona but promoting another university should raise suspicion.
    
    Remember, no one officially connected to Cal Poly Pomona will email, asking for any sensitive information.
    
    

-----Original Message-----
From: [mailto:info@ptrick.com]
Sent: Friday, August 15, 2008 7:35 AM
To: undisclosed-recipients
Subject: UPDATE YOUR EMAIL ADDRESS

Dear csupomona.edu Email Owner,

This message is from uncw.edu messaging center to all csupomona.edu Email owners. We are currently upgrading our data base and e-mail center. We are deleting all unused csupomona.edu to create more space for new one and also increasing the junk mail bluker.

To prevent your account from closing you will have to update it below so that we will know that it's a present used account.

CONFIRM YOUR EMAIL BELOW
Email Username :.....
EMAIL Password : ................
Date of Birth : .................
Country or Territory : ..........

However, Failure to comply may result in temporary webmail suspension.

Please understand that this is a security measure intended to help protect you and your mailbox.We apologize for any inconvenience.

Thank you for your anticipated co-operation.

Thanks,
csupomona.edu Team
csupomona.edu BETA.
------------------------------------------------------------------------------------
UNIVERSITY OF MALAYA - " Producing Leaders Since 1905 "

back to top

 

Example: "Alert: Account Confirmation"

Scam Overview:

Email title:	Alert: Account Confirmation
Scam target:	Cal Poly Pomona Students, Faculty and Staff
Email sent:	Thursday, July 31, 2008 1:47 PM
Sender:	Unknown
Scam objective:	Obtaining First and last name, Cal Poly Pomona email address, username, password and birth date
Phish link method:	Reply to email with sensitive personal information
Is link masked?	N/A
Visible link text:	N/A
Actual link to:	N/A

 

An email stating that your Cal Poly Pomona email account will be closed can look convincing. However, upon closer inspection, note the inconsistencies in capitalization, punctuation, spelling and/or grammar.

1. Note the punctuation error in the greeting. The greeting in a business letter always ends in a colon.
2. Note the spelling error in the second sentence of the first paragraph - "We are currently upgrading our data base and e-mail center due to an unusual activities identified in our email system." The words "data" and "base" should be written as one word.
3. Note the grammatical error of the second sentence of the first paragraph - "We are currently upgrading our data base and e-mail center due to an unusual activities identified in our email system."
4. Note the capitalization errors in the first paragraph - "We are deleting all unused Webmail Accounts. You are required to verify your webmail account by confirming your Webmail identity. This will prevent your Webmail account from been closed during this exercise."
5. Note the inconsistency in the spelling of Webmail between the first paragraph and the second paragraph.
6. Note the punctuation error in the second paragraph - "In order to confirm you Web-Mail identity, you are to provide the following data;"
7. Note the grammatical error in the second to the last paragraph - "Please provide all these information completely and correctly otherwise due to security reasons we may have to close your account temporarily."
8. Note the spelling error in the last sentence - "We apologise for any inconvenience."
9. Additionally, an anonymous greeting of "Dear Account User " should raise suspicion. Anonymous greetings are characteristic of scams.
10. The phish email is sent from an address that purports to be from a Cal Poly email address. The sender's email address should immediately raise suspicion. If you look at the domain name - "verizon.net", it shows that the email is not from any one officially connected to Cal Poly Pomona.
    
    Remember, no one officially connected to Cal Poly Pomona will email, asking for any sensitive information.
    
    

----Original Message-----

From: IT Service [mailto:eefeefwrw@verizon.net]

Sent: Thursday, July 31, 2008 1:47 PM

Subject: Alert: Account Confirmation

 

Dear Staff/Student

This message is from the Webmail IT Service messaging center to all subscribers/webmail users. We are currently upgrading our data base and e-mail center due to an unusual activities identified in our email system. We are deleting all unused Webmail Accounts. You are required to verify your webmail account by confirming your Webmail identity. This will prevent your Webmail account from been closed during this exercise. In order to confirm you Web-Mail identity, you are to provide the following data;

First Name:

Last Name:

Username/ID:

Password:

Date of Birth:

*Important*

Please provide all these information completely and correctly otherwise due to security reasons we may have to close your account temporarily.

We thank you for your prompt attention to this matter. Please understand that this is a security measure intended to help protect you and your Webmail Account. We apologise for any inconvenience.

 

Regards,

IT Service

back to top

 

Example: "Dear Account Subscriber Confirm Your Student Account"

Scam Overview:

Email title:	Dear Account Subscriber Confirm Your Student Account
Scam target:	Cal Poly Pomona Students, Faculty and Staff
Email sent:	Tuesday, July 15, 2008 10:06 AM
Sender:	Unknown
Scam objective:	Obtaining Cal Poly Pomona email address, username, password and birth date
Phish link method:	Reply to email with sensitive personal information
Is link masked?	N/A
Visible link text:	N/A
Actual link to:	N/A

 

An email stating that your Cal Poly Pomona email account will be closed can look convincing. However, upon closer inspection, note the inconsistencies in capitalization, punctuation, spelling and/or grammar.

1. Note the capitalization error in the first sentence - "This message is from webmail messaging center to all webmail account owners." In the context of the sentence, "webmail messaging center" is being used as a proper noun (the name of the center).
2. Note the absence of a return carriage between the first two paragraphs.
3. Note the spelling error in the first sentence of the second paragraph - "We are currently upgrading our data base and e-mail account center." The words "data" and "base" should be written as one word.
4. Note the grammatical error in the second sentence of the second paragraph - "We are deleting all unused webmail account to create more space for new accounts." The word "account" should be plural.
5. Note the capitalization error in the last sentence of the second paragraph - "To prevent your Account from closing you will have to update it by providing the information requested below."
6. Note the punctuation errors in the closing and signature line.
7. Additionally, an anonymous greeting of "Dear Account User " should raise suspicion. Anonymous greetings are characteristic of scams.
8. The phish email is sent from an address that purports to be from a Cal Poly email address. The sender's email address should immediately raise suspicion. If you look at the domain name - "problem.com", it shows that the email is not from any one officially connected to Cal Poly Pomona.
   
   Remember, no one officially connected to Cal Poly Pomona will email, asking for any sensitive information.
   
   

back to top

Tips - How to Avoid Being "Hooked"

1. Carefully review any email asking for personal information. If you are unsure if the email is a phishing scam, contact the Help Desk.
   
   Submit a Help Desk ticket or stop by the I&IT Help Desk with your Bronco Access Card or another photo ID. The I&IT Help Desk (X6776) is located in Building 1, Room 100. It is open Monday - Thursday, 7:30 AM - 6:00 PM and Friday, 8:00 AM - 5:00 PM (excluding state holidays).
   
   
2. If the email sender address doesn't end in @csupomona.edu, it isn't from Cal Poly Pomona. However, even if it does, it still might not be from Cal Poly Pomona, as email senders can be easily spoofed.
3. Practice safe and secure emailing. Never open an email from a sender you do not recognize and be extra cautious with email from unknown senders with blank, ambiguous or nonsensical subject lines.
4. If you receive an email that is obviously a phishing email, don’t click on any enclosed links. Add the email to your spam list by following the tutorial at http://www.csupomona.edu/~ehelp/spam/index.html. Then delete the email.
5. Learn to spot phishing emails using the techniques listed above.

To report a security attack directed at your computing resources or to notify us of a compromise of the Cal Poly Pomona network, contact the Incidence Response Team at abuse@csupomona.edu or call the I&IT Help Desk at 909.869.6776.

For more information on computer and network security incident protocol, visit Report a Security Incident at http://www.csupomona.edu/~ehelp/security/report_security_incident.html.

back to top

Additional Resources

• For more information on phishing, including tell-tale signs and other common phishing examples, visit http://www.csupomona.edu/~ehelp/security/security_phishing.html.
  
  
• For more information and tips on computer security, visit http://www.csupomona.edu/~ehelp/security/index.html.
  
  
• Should you need further assistance, submit a Help Desk ticket or stop by the I&IT Help Desk in Building 1, Room 100. The Help Desk is open Monday - Thursday, 7:30 AM - 6:00 PM and Friday, 8:00 AM - 5:00 PM (excluding state holidays).
  
  NOTE: Sensitive user-specific information should not be provided via email due to security concerns.
  

back to top

Did you know?

Targeted Phishing:

Spear phishing, a targeted version of phishing, targets bank and online payment service customers. While the first such examples were sent indiscriminately, phishers may now be able to determine which banks potential victims use, and target those people with bogus emails accordingly.

Whaling is a phishing attack directed specifically at senior executives and other high profile targets within businesses.

For other tech terms, visit eHelp's Glossary at http://www.csupomona.edu/~ehelp/glossary.html.

back to top

This page was last updated on August 28, 2008.