CIO'S MESSAGE - October 8, 2018

National Cyber Security Awareness: Think Before You Click - How to Avoid Phishing Scams

Dear Colleagues, 

Cybercriminals use phishing – a type of social engineering – to manipulate people into doing what they want. Social engineering is at the heart of all phishing attacks, especially those conducted via email. 

Here are a few things you can do to guard against phishing attacks: 

• Limit what you share online about yourself and your family. 
• Never share your credentials and BeachID via email. 
• Beware of email attachments, including from addresses ending in "@csulb.edu." 
• Don’t click links in suspicious messages, such as "Click Here."
• Confirm identities. If unsure, call the sender at a number you know is legitimate. 
• Trust your instincts. If you get a suspicious message, forward it to alert@csulb.edu and Information Technology Services will take appropriate action if necessary.
• Take your time and don’t fall for messages asking you to act immediately.

You may visit the campus Phishing Reports page to confirm current known phishing attempts.

(This article has been adapted from an Educause Review blog, "Don't Let a Phishing Scam Reel You In". EDUCAUSE, licensed under the "Creative Commons BY-NC-SA 4.0 International license"). 

Aysu Spruill 
Information Security Officer 

Min Yao, Ph.D. 
Vice President and Chief Information Officer