As the Fall semester continues, ensure that you have the safest and fastest Wi-Fi on campus by connecting to our secure network. Also be wary of scams occurring on canvas asking to provide services for class.
New Canvas Scam
There has been a scam on canvas which offers services to take classes in your place for money. If you receive this type of canvas message please report it to the ITS Helpdesk. This also goes against student conduct so please do not try to accept their offer.
Secure School Network
Be wary of public Wi-Fi and only connect to trusted networks. For a safe and fast connection on campus, use our campus secure network. Check out our website on how to log on with any device.
Phishing example: XXXX Shared a Document With You
In this example, the phishers pose as a known professor or administrator asking you to view their Google Docs by logging in with your username and password. Please note that you will never be asked for your username and password to view a Google Doc in an email.
Phishing example: CW Position with Direct Relief
In this example, the phishers will impersonate a reputable company and attempt to extract information through your resume. A quick Google search of these companies is easy and can provide information on whether or not the email you received is phishing. This phish is trying to impersonate DirectRelief, and by doing a quick search, their website tells us that they are aware of the phish and that it is a scam.
4 simple steps to stay safe online:
1. Use strong passwords and a password manager
Your password should be at least 15 characters or longer and follow the specific requirements of the website. A strong password should be difficult to guess with a mixture of upper and lower case, numbers, and symbols. A password manager goes hand in hand with a strong password as it allows for more complex passwords, and in some cases, the password manager alerts you to a breach. Check out Cal State LA's strong password do's and don'ts requirements here!
2. Enable Multi-Factor Authentication
By enabling MFA, it adds an extra layer of protection even if your account password has been compromised.
3. Recognize and Report Phishing
It is important to recognize phishing so you don't fall victim to getting your information stolen, and reporting it will help you and your peers protect themselves from future phishing attacks.
4. Update all your Software
Software updates include patches for known security vulnerabilities, and hackers are unable to exploit the patched vulnerabilities. It also helps to reduce the chance of malware infections and security threats.
Check out this cybersecurity website for more in-depth information on how to keep yourself safe online.
Phishing example includes: Phishing email titled "Quick Assignment" from xxxx@gmail.com
Hello XXXX
Reconfirm your phone# and look out for my text. I need an assignment completed quickly.
Thanks,
William Covino
In this example, the hacker has you provide personal information in an attempt to confirm they have a potential target or to send phishing through SMS. They will try to sound legit by using the name of someone you are familiar with but official emails from Cal State LA will always leave the email signature rather than just a name of the sender and will also not request personal information.
Phishing email titled: "XXXX Shared a Document With You" from xxxx@stxavier.org
XXXX shared a document
XXXX added you as a viewer. Verify your email to securely view this Document. You will need to verify your email every 7 days.
|
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA |
In this example, the hacker provides a suspicious link for verification to a google document every 7 days. However, google docs may only require you to login to your email but does not require verification through a separate process. The hacker may also be attempting to get you to provide information by repeatedly accessing the site every 7 days. You can also determine if the link is trustworthy by hovering over the URL and this example you can see the URL takes you to a google form rather than a google doc.
Recent phishing examples include: Phishing email titled “SUMMER JOB OPPORTUNITY” from xxxx@gmail.com
Dearest Applicant's,
You are invited to explore a part-time work and study opportunity available to all staff or students. This position offers a chance to earn up to $550 weekly.
The job is exciting, flexible, and designed not to interfere with your current job or studies.
In this example, the hacker has you copied the suspicious URL to the browser rather than provide a direct link attempting to bypass the email security checking.
Phishing email titled “ACADEMIC INTERNSHIP OPPORTUNITY” from Career & Internship Fair hrmcare_er@xxxxhumanity.com
Greetings, valued students
I'm thrilled to let you know about some fantastic news. We've got a paid internship up for grabs, and it is work-from-home (remotely). Whether you're seeking part-time or full-time employment, this internship offers valuable experience for students across all departments.
Weekly payment of $450.00 APPLY HERE! Learn more about these amazing benefits.
With best wishes, California State University, Los Angeles Office of Student Services and Job Placement
In this example, the sender’s email address does not match with the claimed sender organization. There is also no Cal State LA official email banner.