Phishing Scams: What They are and How to Protect Yourself

One of the most common ways internet scammers attack is through the use of phishing scams, which target consumers through the art of deception. The Federal Trade Commission warns that attackers disguise themselves as trustworthy sources, such as internet and cell phone service providers, banks, even government agencies and officials. They aim to obtain sensitive information from their victims such as usernames, passwords, and credit card details and then use this information to open new accounts or invade the consumer’s existing accounts.

On Oct. 1, Santa Monica College’s (SMC) Information Technology (IT) department sent out an email warning that in addition to trying to trick consumers into providing identifying information, scammers also provide links that navigate victims to fake login pages. These pages are designed to mimic the format of recognizable login screens, such as SMC’s login page.

Some people are aware of the existence of phishing scams already, however because each scam is unique they can be difficult to spot. SMC accounting student Jamie Mark encountered one of these fake emails. “I’ve always been suspicious of random text messages with links but wasn't aware of the dangers presented in emails so that email from SMC explaining the dangers heightened my awareness," said Mark.

Educational institutions in particular have fallen victim to numerous cyber attacks since the onset of COVID-19 when they converted to online instruction. SMC was recently targeted by a scammer using the "smc.edu" domain with the address ‘susilowati_sri,’ who was falsely offering employment opportunities. The email from this compromised account attempted to not only steal financial information but also to pressure students into paying money in order to secure a job.

Jamie Mark, one of the targets of this scammer posing as SMC faculty, had received one of these fake emails prior to the warning sent out by the IT department. “Luckily I didn't fall for that trap but it definitely made me scared and more cautious of who I’m interacting with online,” said Mark.

SMC’s IT department provided important tips to identify and prevent phishing scams in an email they sent out to students and faculty on Sept. 23.

First; verify that the sender is in fact who they are posing to be. After receiving an unsolicited message, the department says it's imperative to verify the legitimacy by contacting the source through other means such as a campus extension. Make sure to call the number listed in the campus directory, not a number provided in the suspicious email.

Second; keep an eye out for clues such as obvious misspellings and grammatical errors.

Third; never open a link or attachment from a sender you are not familiar with. If you receive an unexpected attachment or file, call the sender to verify legitimacy before opening it.

The last tip is one your parents have been telling you since childhood; don’t talk to strangers! Block unwanted and suspicious emails and texts, hang up the phone if you receive a call from a stranger asking you to provide information, and report any suspicious activity to SMC's ITHelp@smc.edu in order to protect yourself and others.

You can help protect your community by spreading awareness about the importance of cyber safety in your workplace, within your household, and on social media with the hashtag #BeCyberSmart. With so much of society operating online these days, it is important to be aware of these opportunists. Sharing safety tips and reminders can protect the organizations and people you care about.