CIO'S MESSAGE - October 22, 2019

National Cyber Security Awareness: "Hey, are you available?"

Dear Colleagues, 

In recent months, campus employees have reported receiving emails from a person of authority, such as a dean or department manager, asking if he/she is available. The most common form is a short message starting with something like, "quick help needed," "are you in the office?", or "available?" The tell-tale sign for this type of email scam is they often, but not always, come from third-party email addresses, such as Gmail and Yahoo, using the names of campus managers, deans, and executives.

When someone replies to this type of email, the scam commonly continues by asking the employee to purchase gift cards and to send photos of the gift card codes to the perpetrator. Within a matter of seconds, criminals are able to steal hundreds of dollars in gift card value.

Here are some tips to protect against these and other types of cyber schemes.

Gift cards are for gifts, not for payments. Gift cards are the #1 payment method that imposters demand. They like gift cards because, once they have the code on the back, the money is gone and almost impossible to trace to individuals.

Do the hover test. Hover your mouse over the text of the hyperlink (you should see the full URL, which will show whether it leads to a legitimate website), or better yet, open a browser window and manually type in the hyperlink yourself to prevent it being re-directed.

Watch out for links and attachments. Phishing emails attempt to trick you into downloading an attachment, or clicking on a link. They can be disguised malware that will infect your computer.

When in doubt, contact the supposed sender. If you receive an unexpected email with attachments from someone you know, don’t click on anything. Call or visit them to confirm they sent the email.

While there is no automated way to detect and block all these types of scams, you can help the university by reporting these to alert@csulb.edu, and Division of IT will take appropriate action if necessary.

Aysu Spruill
Information Security Officer

Min Yao, Ph.D.
Vice President and Chief Information Officer