Student Email and Microsoft 365
Phishing and suspicious email
Phishing and related scams are when cyber attackers attempt to trick or fool you into doing something you should not do. Often these scams are sent as emails, but they can also try to trick with you text messaging, phone calls or on social media. Anytime someone is creating a tremendous sense of urgency and rushing you to take an action, or someone is promoting an offer that is too good to be true, this is most likely an attack.
Never send personal information in an email. This includes SSN, DOB, mother’s maiden name, credit card information, account passwords, etc. SDCCD will never ask you for this information by email. This webpage contains a number of resources to help you learn about the risks of email scam and teaches you how to recognize a scam email.
Phishing emails often attempt to use emotional triggers to get you to react quickly without thinking through whether you should respond, such as dire language about time limits, loss of service, penalties, or language targeting a desire for money. They often have grammar, spelling, and syntax errors, and phrasing that a native speaker would not use.
An example would be an email with a generic greeting warning of a change in an account requiring you to verify your account information. These emails typically include directions to reply with private information or provide a link to a web site to verify your account by providing personal information such as your name, address, bank account numbers, Social Security numbers, or other sensitive personal information.
Below are some samples of phishing emails:
Trying to sell services to students:
- Name and email address don’t match
- Urgency of action to be taken
- Attempt to prove legitimacy using words such as ‘Official’
- Uses a real organization or company name but incorrect email address
- Poor grammar
- Unsolicited requests for personal information are a clear danger signal
- Misspellings
- Never send passwords, bank account numbers, or other private information in an email.
- Avoid clicking links in emails, especially any that are requesting private information.
- Be wary of any unexpected email attachments or links, even from people you know.
- Look for ‘https://’ and a lock icon in the address bar before entering any private information.
- Have an updated anti-virus program that can scan email.
Please submit a help desk ticket here or contact support@student.sdccd.edu. This is extremely helpful as we have tools to block the sender and remove the scam from other employee inboxes.
What Should I Do If I Have Been Scammed by Phishing?
- Change your SDCCD login credentials
- Change login and password for any personal accounts that share the same password such as:
- Online banking
- Personal email
- Online purchasing (PayPal, Amazon, eBay, etc.)
- iTunes account
- Social media (Facebook, Twitter, blogs, etc.)
- Online backup service or file sharing (Dropbox, Mozy, Carbonite, etc.)
- Do not use the same password for your SDCCD account that you use anywhere else. Can't remember them all? Consider using a password manager to manage all of your personal passwords.
- Contact the abuse or fraud department of the service being impersonated (eBay, PayPal, etc.)
- If you suspect a bank or credit card account may have been compromised, contact that institution to check your account immediately and request a credit report.