Examples of Phishing Messages

These are real examples of phishing emails that have been received by CSULB employees. To see a list of known phishing emails reported on campus, please see the CSULB Phish Bowl.

Example 1

There are three clues in the following example that hint at this email not being valid:

  1. The sender's address is displayed and it is not from an @csulb address.
  2. This is from a peculiar non-university location. CSULB would not likely send you to a form site.
  3. A typical tactic by phishing attempt emails is to give you sense of urgency.

Figure 1: Shows three clues of phishing.

Example 2

Another three clues showing a questionable email source, in this example:

  1. The sender's address is displayed, and it is not from an @csulb.edu address.
  2. The paragraph is written with many grammar mistakes.
  3. When you hover your mouse over the "Click Here" link you can see the pop-up box which will reveal this link takes you to a non-CSULB website.

Figure 2: Another three clues of phishing.

Example 3

This example gives as many as six clues as to it's illegitimate intentions:

  1. The sender's address displays as if it's coming from CSULB. If you hover over any of the csulb.edu links, it does display a real CSULB site address. They are trying to establish legitimacy.
  2. The sender is requesting the recipient to reply to a peculiar, non-csulb address.
  3. The message is written with poor grammar and punctuation.
  4. CSULB IT support organizations would not request you to send this type of personal information by email nor to a non-csulb address.
  5. A typical tactic by phishing attempt emails is to give you a sense of necessity to comply.
  6. There is no such department or service name on campus.

Figure 3: Six clues of phishing.

100% helpful - 1 review