Contents
Cal Poly Pomona

Scams & Phishing

Scams & Phishing

"Telltail" Signs of Phishing

To safeguard your personal and financial information, be cautious when responding to email requests.  "Phishing" is the process of trying to acquire sensitive information (i.e.: usernames, passwords, credit card information, etc.) by masquerading as a trustworthy source in an electronic communication (i.e.: email or instant messaging). Phishing is one of the most popular methods employed by scammers to obtain your sensitive information.  The scammer offers to provide money or a service upon the receipt of your personal information.

No one officially connected to Cal Poly Pomona will email you asking for any of the following sensitive information:

The above list of sensitive information is not exhaustive.

back to top

Recent Phishing Examples that Purport to be from Cal Poly Pomona

Example: "VERIFY YOUR EMAIL ACCOUNT"

Scam Overview:

Email title: VERIFY YOUR EMAIL ACCOUNT
Scam target: Cal Poly Pomona Students, Faculty and Staff
Email sent: Thursday 11/27/2008 9:49 AM
Sender:

Unknown
Scam objective: Obtaining Cal Poly Pomona email address, username and password
Phish link method: Reply to email with sensitive personal information and "Click Here" type link
Is link masked? Yes
Visible link text: https://exchange.csupomona.edu
Actual link to: https://exchange.csupomona.edu

 

An email stating that your Cal Poly Pomona email account will be closed can look convincing. However, upon closer inspection, note the inconsistencies in capitalization, punctuation, spelling and/or grammar.

  1. An anonymous greeting or lack of greeting should raise suspicion. Anonymous greetings are characteristic of scams.
  2. Note the format error of the greeting.
  3. Note the grammatical and capitalization errors of the first sentence.
  4. Note the grammatical and capitalization errors of the third sentence.
  5. The phish email is sent from an address that purports to be from a Cal Poly email address. The sender's email address should immediately raise suspicion. If you look at the domain name - "gibtelecom.net", it shows that the email is not from any one officially connected to Cal Poly Pomona.
  6. Note the message is signed anonymously. Unidentifiable senders should raise suspicion.

    Remember, no one officially connected to Cal Poly Pomona will email, asking for any sensitive information.

-----Original Message-----
From: https://exchange.csupomona.edu/ [mailto:aggib@gibtelecom.net]
Sent: Thursday, November 27, 2008 9:49 AM
Subject: VERIFY YOUR EMAIL ACCOUNT

 

Attention: webmail User,

This message is to all exchange.csupomona.edu users.(Staff and
Students)

***********************************************************
CONFIRM YOUR EMAIL IDENTITY NOW

E-mail Username : ...............
E-mail Password : ...............

***********************************************************

Warning!!! Account owners that refuses to update his or her
account within Seven days of receiving this warning will lose
his or her account permanently.

Thank you for using https://exchange.csupomona.edu/

Warning Code:11XXTT8765

Thanks,

 

California State University
Webmail Administrator

 

back to top

 

Example: "Campus Online Account Registration"

Scam Overview:

Email title: Campus Online Account Registration
Scam target: Cal Poly Pomona Students, Faculty and Staff
Email sent: Wednesday, October 22, 2008 6:42 AM
Sender:

Unknown
Scam objective: Obtaining Cal Poly Pomona email address, username and password
Phish link method: "Click Here" type link
Is link masked? No
Visible link text: http://www.LiveCollege.org
Actual link to: http://www.LiveCollege.org

 

An email notifying you of a campus online messaging system can look convincing. However, upon closer inspection, note any inconsistencies in capitalization, punctuation, spelling and/or grammar.

  1. Note the grammatical error in the third to the last sentence - "We encourage you to register as soon." The sentence is incomplete.
  2. Note the format error between the third to the last sentence and the fourth to the last sentence.
  3. Note the lack of punctuation after the last sentence.
  4. Additionally, an anonymous greeting or lack of greeting should raise suspicion. Anonymous greetings are characteristic of scams.
  5. The phish email is sent from an address that purports to be from a Cal Poly email address. The sender's email address should immediately raise suspicion. If you look at the domain name - "LiveCollege.org", it shows that the email is not from any one officially connected to Cal Poly Pomona.
  6. Note the message is signed by someone who doesn't give a last name. Unidentifiable senders should raise suspicion.
  7. And finally, note the signature line - LiveCollege.org Campus Representative". A message purporting to be from Cal Poly Pomona but promoting another organization should raise suspicion.

    Remember, no one officially connected to Cal Poly Pomona will email, asking for any sensitive information.

-----Original Message-----

From: Hannah J. [mailto:hannah@LiveCollege.org <mailto:hannah@LiveCollege.org> ]
Sent: Wednesday, October 22, 2008 6:42 AM
To: Undisclosed-Recipients
Subject: Campus Online Account Registration

October 22, 2008

This email has been sent to notify you of a new online instant messaging system and course note sharing tool that we have implemented for the 2008-2009 school year.  Unlike past semesters, we are trying to get the latest online networking and communication tools incorporated into academic life and course discussions.  Your account will allow you to add your school schedule and chat/share with other students on campus.We encourage you to register as soon.  The more students involved, the better the system will be.  Please register at: http://www.LiveCollege.org

Thanks!
Hannah J.
LiveCollege.org Campus Representative

back to top

 

Example: "UPDATE YOUR EMAIL ADDRESS"

Scam Overview:

Email title: UPDATE YOUR EMAIL ADDRESS
Scam target: Cal Poly Pomona Students, Faculty and Staff
Email sent: Friday, August 15, 2008 7:35 AM
Sender:

Unknown
Scam objective: Obtaining First and last name, Cal Poly Pomona email address, username, password and birth date and country of residence
Phish link method: Reply to email with sensitive personal information
Is link masked? N/A
Visible link text: N/A
Actual link to: N/A

 

An email stating that your Cal Poly Pomona email account will be closed can look convincing. However, upon closer inspection, note the inconsistencies in capitalization, punctuation, spelling and/or grammar.

  1. Note the capitalization errors in the greeting and first sentence.
  2. Note the spelling error in the second sentence of the first paragraph - "We are currently upgrading our data base and e-mail center." The words "data" and "base" should be written as one word.
  3. Note the grammatical error in the third sentence of the first paragraph - "We are deleting all unused csupomona.edu to create more space for new one and also increasing the junk mail bluker."
  4. Also note the spelling error in the third sentence of the first paragraph. "Bluker" should be spelled "blocker".
  5. Note the punctuation error in the first sentence of the second paragraph - "To prevent your account from closing you will have to update it below so that we will know that it's a present used account." There should be a comma after the word "closing".
  6. Also note the grammatical error in the first sentence of the second paragraph.
  7. Note the capitalization error in the sentence below the information request section.
  8. Note the format error in the second to the last sentence.
  9. Note the spelling error in the last sentence - "Thank you for your anticipated co-operation."
  10. Additionally, an anonymous greeting of "Dear csupomona.edu Email Owner" should raise suspicion. Anonymous greetings are characteristic of scams.
  11. The phish email is sent from an address that purports to be from a Cal Poly email address. The sender's email address should immediately raise suspicion. If you look at the domain name - "ptrick.com", it shows that the email is not from any one officially connected to Cal Poly Pomona.
  12. And finally, note the message below the signature line - UNIVERSITY OF MALAYA - "Producing Leaders Since 1905". A message purporting to be from Cal Poly Pomona but promoting another university should raise suspicion.

    Remember, no one officially connected to Cal Poly Pomona will email, asking for any sensitive information.

-----Original Message-----
From: [mailto:info@ptrick.com]
Sent: Friday, August 15, 2008 7:35 AM
To: undisclosed-recipients
Subject: UPDATE YOUR EMAIL ADDRESS

Dear csupomona.edu Email Owner,

This message is from uncw.edu messaging center to all csupomona.edu Email owners. We are currently upgrading our data base and e-mail center. We are deleting all unused csupomona.edu to create more space for new one and also increasing the junk mail bluker.

To prevent your account from closing you will have to update it below so that we will know that it's a present used account.

CONFIRM YOUR EMAIL BELOW
Email Username :.....
EMAIL Password : ................
Date of Birth : .................
Country or Territory : ..........

However, Failure to comply may result in temporary webmail suspension.

Please understand that this is a security measure intended to help protect you and your mailbox.We apologize for any inconvenience.

Thank you for your anticipated co-operation.

Thanks,
csupomona.edu Team
csupomona.edu BETA.
------------------------------------------------------------------------------------
UNIVERSITY OF MALAYA - " Producing Leaders Since 1905 "

back to top

Tips - How to Avoid Being "Hooked"

  1. Carefully review any email asking for personal information. If you are unsure if the email is a phishing scam, contact the Help Desk.

    Submit a Help Desk ticket or stop by the I&IT Help Desk with your Bronco Access Card or another photo ID. The I&IT Help Desk (X6776) is located in Building 1, Room 100. It is open Monday - Thursday, 7:30 AM - 6:00 PM and Friday, 8:00 AM - 5:00 PM (excluding state holidays).

  2. If the email sender address doesn't end in @csupomona.edu, it isn't from Cal Poly Pomona. However, even if it does, it still might not be from Cal Poly Pomona, as email senders can be easily spoofed.
  3. Practice safe and secure emailing. Never open an email from a sender you do not recognize and be extra cautious with email from unknown senders with blank, ambiguous or nonsensical subject lines.
  4. If you receive an email that is obviously a phishing email, don’t click on any enclosed links. Add the email to your spam list by following the tutorial at http://www.csupomona.edu/~ehelp/spam/index.html. Then delete the email.
  5. Learn to spot phishing emails using the techniques listed above.

To report a security attack directed at your computing resources or to notify us of a compromise of the Cal Poly Pomona network, contact the Incidence Response Team at abuse@csupomona.edu or call the I&IT Help Desk at 909.869.6776.

For more information on computer and network security incident protocol, visit Report a Security Incident at http://www.csupomona.edu/~ehelp/security/report_security_incident.html.

back to top

Additional Resources

back to top

Did you know?

Targeted Phishing:

Spear phishing, a targeted version of phishing, targets bank and online payment service customers. While the first such examples were sent indiscriminately, phishers may now be able to determine which banks potential victims use, and target those people with bogus emails accordingly.

Whaling is a phishing attack directed specifically at senior executives and other high profile targets within businesses.

For other tech terms, visit eHelp's Glossary at http://www.csupomona.edu/~ehelp/glossary.html.

back to top

This page was last updated on December 1, 2008.

  Did you find what you were looking for?