Campus colleagues,

Here’s a tip for something simple you can do to help keep our university more secure: report phishing attempts!

During a phishing attack, a scammer disguises their email to look like a legitimate message from a colleague or company in an attempt to trick you. The goal of the phishing email is to have you click on a link, open an attachment, or take you to a fake login website that will ask you for sensitive or confidential information. You can find more information about Phishing on the SJSU IT website.

Although your first instinct might be to delete or ignore suspicious emails, please report them. If you suspect an email to be a phishing attack, you can use the “Report Phishing” button inside Google. This button will only appear if Gmail identifies the email as a potential phishing attempt. When this alert comes up, if it’s from a known contact, try reaching out to them with a phone call, chat, or email from your SJSU account to verify if the email is really from them or if it’s an impersonation.

If you’ve been targeted by a phisher, chances are your coworkers have been, too. By reporting suspicious emails, you can keep our campus safer. Here’s what the “Report Phishing” alert looks like in Gmail:

If you suspect an email is a phishing attempt and the alert has not appeared, you can click on the menu button within the email and select “Report Phishing.” Here’s what the menu option looks like:

If you think you have been compromised, email the Information Security team at security@sjsu.edu or call (408) 924-1530. Remember, SJSU will never send unsolicited messages asking for your password or other personal information.

Thank you Janice Lew, our Information Security Program Coordinator, for helping keep our university secure and providing this tip. As always, the SJSU IT Service Desk is here to help by phone at (408) 924-1530 or online.

Thanks,
Bob Lim
Vice President for Information Technology
and CIO at San Jose State University