We have included some of the most common questions and answers regarding phishing, along with quick links to take you directly to the information you need.
- Who should I contact if I receive a phishing message or spam?
- I'm not sure if an unexpected email request is "suspicious" or "seems real." What should I do?
- What should I do if I think I've gave my password to a phishing scam?
- Can an email message that contains a company's official logo be a phishing scam?
- What is the University doing to protect against these kinds of messages?
Who should I contact if I receive a phish or spam?
- Just delete it. We expect that some phishing or spam messages will get through the filter, so there is no need to alert anyone. Forwarding a message just gives more exposure to the dangerous content.
I'm not sure if an unexpected email request is "suspicious" or "seems real". What should I do?
- Don't take action on the request. Attempt to contact the sender and see if it is real. Use a published phone number, email, or web address for the alleged sender–NOT the one in the message.
What should I do if I think I've given my password to a phishing scam?
- Immediately change your password! Then, contact the Information Security Office, by phone 310.506.4040.
Can an email or web page that contains a company's official logo be a phishing scam?
- Yes. That is why you must always check the web address bar for encryption and a matching domain when entering your password. Logos and branding are publicly available and easily copied into an email or web page.
What is the University doing to protect against these kinds of messages?
- The ultimate protection is to train each person to do the right thing with unexpected email requests and to check the web page before entering a password. The University's spam filter is blocking the overwhelming majority of spam and phishing messages, but some will get through. You can read more about the spam filter on the Spam Filter FAQ page.