Web Content Display Web Content Display

Phishing is a fraudulent attempt, usually made through email, to steal your personal information. The best way to protect yourself from phishing is to learn how to recognize a phish.

Phishing emails usually appear to come from a well-known organization and ask for your personal information such as credit card number, social security number, account number or password. Often times phishing attempts appear to come from sites, services and companies with which you do not even have an account.

In order for Internet criminals to successfully "phish" your personal information, they must get you to go from an email to a website. Phishing emails will almost always tell you to click a link that takes you to a site where your personal information is requested. Legitimate organizations would never request this information of you via email.

Fraudulent Email List

Browse Phishing Topics

What to look for in suspected phishing emails?
  • Generic greeting. Phishing emails are usually sent in large batches. To save time, Internet criminals use generic names like "First Generic Bank Customer" so they don't have to type all recipients' names out and send emails one-by-one. If you don't see your name, be suspicious.
  • Forged link. Even if a link has a name you recognize somewhere in it, it doesn't mean it links to the real organization. Roll your mouse over the link and see if it matches what appears in the email. If there is a discrepancy, don't click on the link. Also, websites where it is safe to enter personal information begin with "https" - the "s" stands for secure. If you don't see "https" do not proceed.
  • Requests personal information. The point of sending phishing email is to trick you into providing your personal information. If you receive an email requesting your personal information, it is probably a phishing attempt.
  • Sense of urgency. Internet criminals want you to provide your personal information now. They do this by making you think something has happened that requires you to act fast. The faster they get your information, the faster they can move on to another victim.

Examples of Phishing Emails:

Below are samples of phishing scam emails sent out by malicious individuals:

"We found unauthorized transactions on your account. To ensure your account is not compromised, click the link below and confirm your identity."

"Due to an overflow of inactive account, please go through this survey to confirm and re-validate your account."

"Dear Lucky Winner, We are happy to inform you that your email address have emerged the Prime winner of Four Hundred & Fifty Thousand Euros (450,000.00) in Uplift International Email Lottery Award."

"Your email (or password) will expire soon. To avoid any interruption, please click the link below and upgrade your email."

The images below shows how to identify a phishing attempt:

Example 1:

What is phishing

Image from Microsoft Security Website

How do I protect my identity?

Treat every email you receive (even if it is from someone you know) with caution. Reputable organizations will never request personal information via email. Internet criminals target all types of businesses, home users, institutions and governmental organizations. You should use the same precaution in all aspects of your daily life Some other important notes to consider:

  • CSE representatives will never ask for your password or Social Security number by mail, phone or any digital form.
  • Never reply to any messages that ask for your password or personal information.
  • Never click links in suspicious email messages. Phishers often make links look like they go to one site, but actually send you to a different site.
  • Be cautious about viewing attachments or downloading files from emails you receive, regardless of who sent them.
  • Make sure your computer's Virus and Malware protection are up-to-date.
  • Frequently review financial statements to check for unauthorized charges.
  • You should be suspicious of any email messages which direct you to websites requesting personal and/or financial information.
  • Check the sender's email address. Phishing emails are usually sent from addresses that are similar to, but not the same as CSE's official email address.
Who do I notify?

In order for us to properly track phishing activities and stop more emails from being sent out to other users, you will need to send us the full message headers of the email. Below are instructions on how to do so:

  1. Log in to your CSE email.
  2. Open the phishing/scam email you received.
  3. Click on the down arrow next to Reply, at the top of the message pane.
  4. Select Show Original
  5. The full email headers will appear in a new window.
  6. Copy the entire text on the window and paste it into a new email message.
  7. Send the email headers to
  8. Delete the message.
I have responded to a Phishing scam. What should I do now?

If you responded to any phishing emails, contact the CSE Helpdesk immediately at or (973) 290-4015 so we can assist you in resetting your password and check your account for any suspicious activity.

If you have submitted any other sensitive data such as your Social Security Number, it is recommended that you sign up for credit monitoring with a reputable credit report agency.

Educational Videos on Phishing/Scam

A collection of videos on phishing, identity theft and other computer security issues can be found here at our CSE Media Site (log in with your normal username/password like you would log in to any computer on campus).