Please be advised that spam email is currently circulating throughout the College. A sample of the phishing email is below. This type of spam is a result of people clicking on a link in the phishing email they received and entering their credentials. Once this is done, their account becomes compromised giving the hacker the ability to send email from their account. If you think you may have entered your credentials into a phishing email link please reset your password as soon as possible. Also, if you use that same password for other systems, either inside the College or outside, please change the password in those systems too.

As always, please be vigilant and cautious when reading email that seems “phishy.” If you are unsure of the legitimacy of an email, contact the Helpdesk for assistance.

REMEMBER:  If you think you may have disclosed your user ID and/or password to a phishing site then you must change your password immediately on any and all systems where that same password is used.

Be extremely cautious before responding to email that asks you for your personal information regardless of how official it appears.

Do not be curious under any circumstance and

-do NOT release it from your quarantine folder

-do NOT click on the links and do NOT enter your credentials

do NOT forward it around; delete it.

Some steps to follow to keep your identity secure:

1. Avoid clicking on any Web links from within an email. These embedded links may direct your Internet browser session to illegitimate Websites asking for personal information and could also download malicious code, such as viruses or spyware, onto your machine. Instead, start a new Internet browser session and enter the legitimate Website address into the address bar of the browser.

2. The content of many phishing emails can be very threatening (e.g., account closure, account verification, account updates, account is limited) and can be convincing to entice the user to follow through with the provided instructions. By far, most institutions will use non-Internet methods, such as the U.S. Postal Service, to send these types of notices and then will only send them to your official address of record. If in doubt about the legitimacy of these threatening e-mails, call the institution using the phone number on your last statement or on the back of your credit card.

3. Similarly, financial institutions generally require some form of an initial setup to be completed prior to allowing electronic banking services. An online relationship is usually not established automatically or only through an exchange of emails. Become familiar with your financial institution’s online registration process and how the electronic relationship may change from time to time. If in doubt, call the institution using the phone number on your last statement or on the back of your credit card.

4. Update your computer’s operating and Internet browser software on a regular basis. These updates routinely include security enhancements.

5. Maintain anti-virus programs to the current level of protection.

6. Select and maintain passwords that are difficult to guess and change them regularly.

Also, please be aware of a new type of phishing attack that is emerging called Smishing.

Smishing is the fraudulent practice of sending text messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords or credit card numbers.

If you have any questions or concerns, please contact the Helpdesk at helpdesk@csi.cuny.edu

By Thomas Lauria


CURRENT CIRCULATING PHISHING EMAIL FOLLOWS:

College of Staten Island Portal 

Hello Firstname Lastname,

Incoming document for firstname.lastname@csi.cuny.edu

Use the below button to review document.

Review Document

© 2022 College of Staten Island. All Rights Reserved