Phishing Examples

Phishing is when a scammer uses fraudulent emails or texts, or copycat websites to get you to share valuable personal information – such as account numbers, social security numbers, or your login IDs and passwords. Scammers use your information to steal your money, your identity or both.

Scammers also use phishing emails to get access to your computer or network; they then install programs like ransomware that can lock you out of important files on your computer.

This page provides examples of the phishing emails received by the campus community at large. Each example includes the actual text used to lure the user into a false sense of security and points out why the email is suspicious. Please use these examples to educate yourself on what to look for so that you do not become a victim.

Gift Card Scams

Gift cards have become a popular way for scammers to steal your money. Scammers will send you an email or a text message, often impersonating your coworkers, your supervisor, or another university official, asking you to purchase gift cards for a special event. They will usually ask you to be discreet. Often the sender will claim to be in a meeting and unable to take calls, preventing you from calling to confirm the request.

The initial email may start out innocuously, asking if you are available, stating that they need a favor, or asking for your phone number so you can receive text messages. Once you respond, the scammer will ask you to purchase gift cards, specifying the quantity and denomination. The message will ask you to scratch off the cards to reveal the codes, take pictures of those codes, and then reply back with those pictures.

If you reply with the cards’ codes, your money is now in the hands of the scammer. Gift cards are treated as cash, and in many cases, cannot be refunded.

How Can I Spot These Scams?

In most cases, the sender information is falsified to make it appear to be coming from a CSUN mail address. Remember: Pay close attention to the sender’s address. If on a mobile device, tap the sender’s name to reveal the actual email address. If the sender’s address ends in @gmail.com, @outlook.com, or anything other than @csun.edu, the request is most likely a scam.

Contact the person who is requesting these gift cards in person or through a known trusted phone number. If you appear to receive a text or call from a CSUN number asking you to purchase gift cards, look up the number in the CSUN directory and call that person. Phone numbers can be spoofed.

Never send gift card codes via email without confirming the request.

What if I Provided My Personal Phone Number?

If you responded to a phishing email and provided your cell phone number, you’ll need to be aware of the increased potential for future phishing messages. Known as smishing (or SMS phishing), the messages can impersonate coworkers, supervisors, financial institutions or other companies.

It can be difficult to spot malicious links in text messages, which is why we recommend not clicking on links or calling numbers provided by text messages. If you receive an unexpected text message claiming to be from your bank or other organization, contact the company via a known good number, such as the phone number printed on the back of your bank card.

By remembering that sender information can be falsified, you can remain vigilant and spot these fake messages. In these situations, Information Security recommends that you block the phone number that sent you the text message.


Phishing Examples

When reporting a phishing or spam email to abuse@csun.edu, Information Technology will ask you to send the email as an attachment. Sending the email as an attachment lets Information Technology see the full email headers, which provide all the information needed to investigate the email. If you need instructions on how to send the email as an attachment, visit the How to Forward an Email as an Attachment page.
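
What those full headers make possible, as an added example (not part of the original page and not CSUN's own tooling): a short Python triage of a forwarded message that applies the sender-address cues described on this page. The sample messages, the finding names and the use of the `Authentication-Results` header are assumptions made for illustration.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

TRUSTED_DOMAIN = "csun.edu"  # campus domain named on this page

def triage(raw, trusted=TRUSTED_DOMAIN):
    """Return reasons a raw message deserves a closer look (finding names are hypothetical)."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    addr = addr.lower()
    domain = addr.rpartition("@")[2]
    on_campus = domain == trusted or domain.endswith("." + trusted)
    findings = []
    # Display name or subject invokes the campus, but the address is external.
    claims_campus = "csun" in f"{name} {msg.get('Subject', '')}".lower()
    if claims_campus and not on_campus:
        findings.append("external-sender-claims-campus")
    # From equals To: the sender field was forged or the mailbox itself was used.
    recipients = {a.lower() for _, a in getaddresses(msg.get_all("To", []))}
    if addr and addr in recipients:
        findings.append("from-equals-to")
    # Assumption: the receiving server stamped Authentication-Results (RFC 8601).
    auth = " ".join(msg.get_all("Authentication-Results", [])).lower()
    for check in ("spf", "dkim", "dmarc"):
        if f"{check}=fail" in auth:
            findings.append(f"{check}-fail")
    return findings

# Constructed sample messages (not real mail).
GIFT_CARD = """\
From: "CSUN Dean's Office" <deans.office.example@gmail.com>
To: staff.member@csun.edu
Subject: Are you available?

I'm in a meeting and can't take calls. I need a favor.
"""
SELF_SENT = """\
From: <your.email@csun.edu>
To: <your.email@csun.edu>
Subject: noreply
Authentication-Results: mx.example.test; spf=fail; dmarc=fail header.from=csun.edu

Hi! I'm going to make you an offer you can't refuse.
"""

if __name__ == "__main__":
    for label, raw in (("gift card", GIFT_CARD), ("self-sent", SELF_SENT)):
        print(label, triage(raw))
```

A `from-equals-to` finding alongside authentication failures suggests the sender field was forged; the same finding with passing results is consistent with mail sent from the account itself.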

---Start of Email---

From: <xxx.xxxx@gaggle.com>
Date: Mon, Jul 14, 2025 at 10:24 AM
To: <your.email@students.edu>
Subject: CSUN: IT Information Security Advisory Announcements] MFA Authentication

Phishing Email Example

---End of Email---

How do we know it's phishing?

  1. Suspicious Sender: The message is from a personal Gmail account, not an official CSUN email address.
  2. Unsolicited MFA Setup Request: CSUN IT does not typically ask users to submit their phone number or scan QR codes via unsolicited emails.
  3. Lack of Personalization: The message does not address the recipient by name or contain any specific information.
  4. Urgency Without Context: It pressures users to act without providing verification methods or contact details.

What to do if you receive a similar email:

  1. Do Not Scan Any Codes: QR codes in phishing emails can lead to malicious websites or trigger unauthorized actions.
  2. Do Not Respond: Avoid replying to the email or engaging with the sender in any way.
  3. Verify Your Account Security: Change your email password immediately and enable multi-factor authentication (MFA) for added security.
  4. Report the Email: Forward the email to abuse@csun.edu and reach out to Information Security at (818) 677-6100.

---Start of Email---

From: <your.email@students.edu>
Date: Sun, Jan 12, 2025 at 9:25 PM
To: <your.email@students.edu>
Subject: noreply

Hi!

I'm going to make you an offer you can't refuse. If reputation means anything to you.
I am a programmer who likes to dig into other people's dirty laundry and I hack into cell phones, laptops, computers, tablets of users like you in order to extract from them "interesting" photos, videos, recordings of conversations or correspondence.
I infected your device with a virus and have been watching you for over 2 months now.
During these months, I have accumulated a lot of interesting information about you.

Not only do I have access to your phone book, correspondence, audio, but I also have information about the sites you visit.
Can you guess what I'm talking about?

I collect a selection of photos and videos, audio recordings, correspondence from the devices of users like you with the help of viruses and copy them to my own server.
I've got some bad news for you. I can leak all of this online for general access, send it to your friends, relatives, acquaintances, send it to social networks and messengers.
Trust me. This is something that can destroy your reputation once and for all!
The effect will be fantastic! They will see what you do in all its glory.

It only takes one click for me to leak the information.
You have the power to stop it. What do you have to do to stop it? I'll tell you about that next.

You need to make a $1100 (US dollars) transfer to my bitcoin wallet. If you do not know how such transfers are made, just type in Google query: "Buy Bitcoin".
My bitcoin wallet (BTC Wallet): <removed>

Nothing complicated, right?
After receiving the specified amount, I will immediately delete all the information and leave you alone forever!

But you need to hurry up. I don't like to wait long!
I'll give you 48 hours.

Don't think you can ignore me. After you read this message, I automatically get a notification about it.
From then on, you have two days to pay!

Yes. You don't need to try to apply for help to resolve this situation. Bitcoin wallet is untraceable, and the sender address is automatically created.
But if I happen to know that you share this email with someone else (and I will), I'll do a newsletter right away!
I hope you make the right choice!

---End of Email---

How do we know it's phishing?

Note: The attacker sent the email above using the user's email account, indicating that the attacker has access to the account, which means it has been compromised. However, this situation is still considered phishing due to the following reasons:

  1. Generic Sender Information: The email does not address the recipient by name, making it a generic template.
  2. Threatening Language: The email uses fear tactics and threats to intimidate the recipient into compliance.
  3. Untraceable Payment Request: The demand for Bitcoin payment is a common hallmark of phishing scams, as Bitcoin transactions are difficult to trace.
  4. Unverifiable Claims: The sender claims to have access to personal information but does not provide specific evidence.

What to do if you receive a similar email:

  1. Do Not Respond: Avoid replying to the email or engaging with the sender in any way.
  2. Verify Your Account Security: Change your email password immediately and enable multi-factor authentication (MFA) for added security.
  3. Report the Email: Forward the email to abuse@csun.edu and reach out to Information Security at (818) 677-6100.
  4. Do Not Click Links or Pay: Avoid clicking on any links in the email and do not send money or Bitcoin.


Examples from previous years can be found below: