Cybersecurity Awareness Month Weekly Tip

---

BEWARE OF PHISHING PHANTOMS

---

It’s Cybersecurity Awareness Month — but the scammers are out haunting inboxes all year long! 

External Emails

If you see the red CAUTION warning, please take it seriously: 

CAUTION: This email was sent from an external source 

Any email with that caution banner offering you employment opportunities, claiming a problem with your CSULB account, and sharing files, are likely not legitimate when they are unexpected and from persons or organizations you don't know.

Internal Emails

Even emails from CSULB accounts can be cursed with scams. CSULB emails, most commonly student accounts, become compromised and are then used to send phishing emails. In these cases, you won't see the red caution text, so use the following tips as a gauge.

General Phishing Tips

• Poor Grammar and Urgency: Phishing emails often have grammatical errors and create a sense of urgency to make victims act hastily.
• Suspicious Attachments: Be wary of attachments you weren’t expecting, especially if the email is from someone you don’t know.
• Hidden URLs: Hover over links (or long-press on mobile) to confirm if they are valid. If the URL looks suspicious, do not click.
• Suspicious Email Addresses: Legitimate offers rarely use free email services like Gmail or Yahoo for official communications. Always check for company-specific domains.

Job Scam Email Tips

• Too-Good-To-Be-True Offers: Unrealistic salaries or benefits for minimal work are classic signs of a job scam.
• Requests for Personal Information: Legitimate employers won’t ask for sensitive information (like Social Security numbers or bank account details) over email or text before formal hiring.
• No Interview Process: Scammers skip the formal interview process, promising jobs without any assessment.
• Vague Job Descriptions: Scammers often use vague job descriptions with minimal requirements. Legitimate job postings usually provide detailed descriptions of the role and specific qualifications needed.
• Upfront Payments: Be cautious if a job offer requires you to pay for training, equipment, or other expenses upfront. Legitimate employers do not ask for money from job applicants.

Helpful Resources

• Check suspicious emails by using the Phishing at the Beach AI Verification Tool that can check for you.

• If still unsure, forward suspicious emails to alert@csulb.edu and ask us to verify. 

---

CYBERSECURITY AWARENESS MONTH WEBINARS

---

CSULB-Hosted (Opportunity Prizes)

Register for webinars hosted by CSULB such as these. Win opportunity prizes for attending! 

• 10/7:  Global Threat Landscape & Impacts in Higher Education with CrowdStrike

• 10/15:  Phishing at the Beach with Division of IT

• 10/23: How to Safely Job Search and Protect Yourself from Fake Job Offers with CSULB Career Development Center

• 10/28: Phishing 101 - AI in Phishing with GuidePoint Security

• 10/29: Cybersecurity in the Classroom: Free Tools and Resources for PK–12 Teachers & School Leaders with College of Education

Others Hosted by CSU Campuses

Explore over 20 more webinars hosted by other CSU campuses.

---

MORE FUN

---

Cyber Wordle

New daily challenge throughout the month. 

Virtual Backgrounds

Help spread the word about Cyber Month with virtual backgrounds, which are good for both Zoom and Teams meetings.