
What is phishing?

Phishing (pronounced fishing) is the act of using methods of communication (such as e-mails) for the express purpose of obtaining personal information (such as passwords or credit card numbers) or manipulating others to perform unauthorized actions (such as bank transfers or purchases).

There are many forms and styles of phishing. Most involve fraudulent or hijacked e-mail accounts posing as a reputable individual, team or company. The e-mail usually requests a simple action (please pay this vendor, please click on this link, please verify your account information, etc). Some add company logos, color schemes and official-sounding titles to make them look more authentic. What makes phishing attacks successful is that they prey upon human nature: the urge to be helpful and trusting, or to act out of fear or worry.

Categories of phishing:

  • Vishing: phishing using voice calls or voice mail
  • Smishing: phishing using text messages
  • Spear phishing: targeted phishing
  • Whaling: even more targeted phishing, generally directed at the senior leadership level (such as CEOs, presidents, etc)
  • Search engine phishing (creating fake look-alike websites)

Warning signs to look for:

  • Were you expecting this e-mail?
  • Who sent it? Do you know them? Does it seem reasonable? (see example #1)
  • Does the sender's e-mail seem reasonable? Does it even match the sender's name? (see example #2)
  • Is this e-mail really even for you? (see example #3)
  • Is the e-mail professionally written and presented, virtually free of grammar and spelling errors? (see example #4)
  • What is the tone of the e-mail? Beware of e-mails that try to get you to act out of pressure, fear, and/or worry. (see example #4)
  • Does the sender want you to click a link? If so:
    • Does that seem reasonable (vs just sending an attachment)?
    • Hover your mouse over the link. Does it seem reasonable (check the domain)? (see example #5)
  • Does the sender want you to download something? Great care should be taken if this is the case as this file may be malware.
  • Who signed off?
    • Does it seem reasonable? (see example #1)
    • Does it even match who sent it? (see example #2)
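Two of the checks above (does the sender's address match who they claim to be, and does a link really go where its text says) can be applied mechanically to a raw message. The script below is an added example, not part of the CCSF ITS page; the message and the domains in it are constructed for the demo, and `example.edu` stands in for your own organization's domain.

```python
# Added example (not from the CCSF ITS page). Flags two of the warning signs
# listed above on a raw e-mail. SAMPLE is a constructed message for the demo.
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

SAMPLE = """\
From: "IT Team" <helpdesk@ccsf-support-example.net>
To: Barbara Smith <bsmith@example.edu>
Subject: Verify your account
Content-Type: text/html

<p>Your account will be closed. Verify now:
<a href="http://login-verify.example.net/x">https://portal.example.edu/login</a></p>
"""

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> tag in the body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, ""
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), ""
    def handle_data(self, data):
        if self._href is not None:
            self._text += data
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, self._text.strip()))
            self._href = None

def domain_of(value):
    """Last two labels of a URL's host or an address's domain, lower-cased."""
    host = urlparse(value).hostname if "://" in value else value.rsplit("@", 1)[-1]
    return ".".join((host or "").lower().split(".")[-2:])

def phishing_warnings(raw, expected_domain):
    """Return warning strings for a raw RFC 5322 message (empty list = none)."""
    msg = message_from_string(raw)
    warnings = []
    name, addr = parseaddr(msg.get("From", ""))   # display name vs real address
    if domain_of(addr) != expected_domain:
        warnings.append(f"sender {addr!r} ({name!r}) is not from {expected_domain}")
    collector = LinkCollector()
    collector.feed(msg.get_payload())               # single-part text/html body
    for href, text in collector.links:              # "hover over the link" check
        if "://" in text and domain_of(text) != domain_of(href):
            warnings.append(f"link text shows {domain_of(text)} but goes to {domain_of(href)}")
    return warnings
```

Running `phishing_warnings(SAMPLE, "example.edu")` reports both the outside sender and the link whose visible text names a different domain than its target.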

What should I do?

  • If you are unsure if this e-mail is real or not, you can do one of the following:
    • Call the individual or company to confirm. Do not use a phone number listed in the e-mail. Instead, look it up yourself.
    • Investigate it yourself.
    • Ask ITS. You can forward the e-mail to the Help Desk ( and we will look into it.
  • If you've responded to the e-mail:
    • IMMEDIATELY change your password and any other accounts that use the same password. Do not use the same password on multiple accounts.
    • Contact ITS. E-mail our Help Desk ( or call in (844) 693-4357.
    • Scan your computer for malware.
    • Continue to monitor your accounts for suspicious activities.


Example #1:

From: IT tame of SF colleg <>
Sent: Friday, September 8, 1995 4:30 PM
To: Barbara Smith <>
Subject: Emportnt documnt

You need to look at immeditately get this very empourtent document now before its taken gone and you don't get to see. Then you account will be closed forever.

Your IT Teem Dept


Example #2:

From: Tyler Durden <>
Sent: Friday, October 15, 1999 4:19 AM
To: Mary Jones <>
Subject: Club meating tonite

Last chance. Don't talk about, just regester here now or be fourever let out.




Example #3:

From: A. Smith <>
Sent: Friday, March 31, 1999 2:59 PM
To: Jan Smith <>; Jane Smith <>; Joan Smith <>; John Smith <>; Jon Smith <>; Jonathan Smith <>
Subject: Need infourmation

Emportent. Please send me your username and password so I can check if you account is up to date. If you don't send, I will have to termenate you account. I need it by the end of today.


A. Smith


Example #5:



CCSF doesn't have an "EMAIL IT Department", nor even a more reasonably named "E-mail Team". ITS signs off messages with a person's name and contact info.


SANS Security Awareness

  • ~31 videos (2-6 minutes per module)
  • Self-paced
  • Certificate awarded upon completion
  • CCSF employees can request this course via the Help Desk (