• Phishing11
  • Phishing222
  • Phishing333
  • Phishing41
  • Tax_season_is_here
 Phishing attempts this week             All recent phishing attempts


Is it phishing ?

Scammers and spammers know that people are busy and, most likely, will read their mail quickly with out spending much time looking at the message itself.  It is this characteristic that they are relying on when they send out these messages.  Identifying a phishing attempt can be easy, as long as you know what to look for and take your time to look at the message for the clues indicating it may be a phishing message. 

There is a difference between spam and phishing. Spam is unsolicited email, usually from someone trying to sell something and does not try to obtain personal or confidential information.  Other than cluttering up one's inbox, spam usually does no harm.  To control this type of mail simply flag the item as junk. 

what is phishing and is there more than one type?

tips and identifying phishing


I replied to a phishing message - now what ?

It happens, you are busy, you just got back from a 2 week vacation and now have to catch up on all of that email in your Inbox.  Then it occurs to you, but a little too late, that last email ... something about it did not look quite right!  You may have just responded to a phishing attempt.  All is not lost, but time can be important so take action quickly to lessen any possible harm. 

more information on what to do (remediation)


Most recent phishing attempts

Phishing on CSU cell phones and CSU office phones

For CSU cell phones: if you receive any messages or calls from 611 or 1-800-331-0500 and prompts you to provide personal information, do not respond. The phone is owned by the University and no personal information is tied to the phone service. No changes can be made by users; only Telecommunications Office is authorized to make any changes to the account.

For CSU office phones: if you receive calls from outside callers claiming that you have placed a call to them without your knowledge (i.e.... your direct number is appearing as caller ID instead of 216-687-2000), than your telephone number may have been “spoofed”.  Please alert Telecommunications if this becomes a recurring issue. We will work with you on an individual basis on how to address the situation.

If you receive any of the messages similar to those described below, or any of those listed in the archives (items received within the previous 6 months):

- Do not reply, select any link or open any attachments
Mark the item as phishing (this will send the item to Microsoft for review and flag the item as "junk" in your mailbox) or delete the item. 

If the email you received is not listed below, or in the archives, and it contains the hallmark of a phishing attempt, forward the email to so that we can make others aware and take action to minimize any potential negative effects.

Listed below are the more recent phishing attempts detected on CSU accounts.  They are listed by the wording listed within the subject line, followed by a brief description of the email.  To view an example of the email, select the subject listed.

New this week

**** Special Notice ****

If you receive an email from what appears to be an individual you are associated with at CSU, and the email indicates they need to contact you but are unable to do so due they being in a meeting, on the road etc. and requests you email them back, check the email address that the mail was sent from, do not simply look at the name listed as it being sent from.  By looking at the email address, you will note that the mail was not sent from the individual that it initially appears to have been sent from.  These mails are being sent in an attempt to have people reply and then follow up emails will request confidential information, money in the form of cards, or other personal information.  If you receive one of these, DO NOT REPLY, simply delete the item.


  • Office 365 - Check your account before is be deleted - Email that appears to have been sent form Microsoft indicating your account is to be deleted and a payment is due.  1) There is no charge for CSU email accounts, 2) Microsoft nor CSU ever send mailing out indicating you must take action otherwise your account will be deactivated, 3) note the poor grammar in the subject line, 4) if you hover over the links in the emails (place mouse over links but do not select) you will note that the URL it is pointing to is not a CSU nor Microsoft link.  (3/22)
  • Activate Account - email that states an account has been activated for you and request you select on an embedded link.  The link appears to be related to CSU, however, if you look close you will note it is not as CSU links end in ".edu".   (3/21)
  • Are you busy - email that appears to originate from a member of CSU, please note the email address is was sent from as it is not a CSU address.  Do not reply, this is simply an attempt to make contact with an individual and eventually obtain money and/or gift cards.  (3/21)
  • Pet Sitting Job - email that claims someone is looking for a person to pet sit their animal.  This is simply an attempt to obtain personal information. (3/21)
  • Foreign Text Images - the email consists of a subject and images in a foreign language. The images have links embedded in them, please do not click on any of the images. (3/19)
  • Watch this ... - email that appears to have been sent from a member of CSU, but the email address is not a CSU address.  contains a link that the sender claims is a video.  (3/13)
  • Display Content - The email insists that you 'Open before Wednesday' with a button below. Do not click on the button because it is not from CSU (3/13)
  • Play Message - The email claims that a voicemail was left on your account. Please do not click 'Play Message' (3/12)
  • Cancel Request - This email appears to sent from Microsoft but it is not; Microsoft official emails will contain the word “Microsoft” in the domain name. For example: ***** Do not click on any links in this email (3/12)

To view a list of these and other Phishing notices that we have received within the past 6 months, please visit the archives.