CAUTION: a recent phishing attempt has targeted students at CSU and other universities.
Phishing is the attempt to fraudulently convince people to give personal information over email or other channels based on deception, including faked “from” addresses. Some of these attempts can be quite convincing, using official graphics and accurate contact information in signature blocks.
In recent weeks, universities across the country — including CSU — have been subject to phishing attacks designed to gain university login credentials. With these credentials, attackers can then log in to student portals like RamWeb and view *or change* important personal information, including things like bank account information for depositing financial aid refunds.
Protect yourself from phishing. Follow these simple guidelines:
*Don’t assume that an email is valid just because of who it appears to come from.
*Don’t give important personal information — including passwords — over email conversations.
*Be extremely cautious of clicking links in emails.
**Open a new browser window and type in the URL instead.
** “Mouse over” the link to confirm that it goes where it says it’s going to go.
**If you do click, immediately check for the HTTPS padlock icon.
*If you have concerns about an email, call the sender instead (at a number from the online directory, not in the email)
Afraid you’ve been victimized by phishing?
If you are a Colorado State University student and you think you may have lost money, or if you feel unsafe, call the CSU Police Department, 970-491-6425 or 911.
To check on an email or report a phish, please email the Information Security team, firstname.lastname@example.org