Cyber Red Flags

Friday 02/14/2025

In today’s world, whether you are connecting with professors, receiving updates or collaborating with classmates, email communication is an essential part of campus life at Florida State University. However, not all emails are trustworthy. Cybercriminals often create fake emails to steal personal information or compromise accounts. FSU ITS is here to help you stay aware by sharing key red flags to spot a fake email. 

Here are some of the different red flags that cybercriminals tend to use when trying to steal your personal information or compromise your account:  

 1. Stay on the lookout for any suspicious sender address. 

Always check the sender's email address. Official FSU emails will come from a  “@fsu.edu” domain. Be cautious of addresses with misspellings, extra numbers or unrelated domains. Just because an email sender's name looks legit, always check what the actual email is. 

2. Ask yourself if the email contains any urgent or threatening language. 

Cybercriminals are masters at creating a sense of urgency or fear. Phrases like “Your account will be suspended immediately!” or “Respond within 24 hours to avoid penalties” are common red flags. Usually, organizations will communicate calmly and provide clear, reasonable deadlines. 

3. Fake emails tend to have generic greetings. 

Be cautious of emails that start with “Dear Customer” or “Dear User”.  

4. Check for any grammatical errors and typos. 

Professional emails are well-written and usually go through multiple rounds of proofing. If you notice poor grammar, awkward phrasing, complex words or excessive typos, proceed with caution. 

5. Does the email include any unexpected attachments or links?  

Ensure you check the destination before clicking. If a link looks suspicious or doesn’t match the content of the email, DO NOT CLICK IT. Be on the lookout for any unexpected attachments, which may contain malware. If you are unsure if you can trust it, don't risk it.  

6. Cyber criminals will usually request personal information.  

Legitimate organizations, including FSU ITS, will never ask you for your password, Social Security number or other sensitive information via email.

7. Is it too good to be true?  

Be skeptical of emails offering prizes, rewards or job opportunities that seem unrealistic. If it sounds too good to be true, then it likely is. These are often phishing attempts. 

8. Mismatched branding.  

Pay attention to the email’s design and branding. Fake emails use low-quality logos, incorrect colors and outdated branding elements. 

 

What to Do If You Receive a Suspicious Email: 

  • Don’t Click or Respond: Avoid clicking on links, downloading attachments, or replying. 

  • Report It: Forward the suspicious email to abuse@fsu.edu. 

  • Delete It: Once reported, delete the email from your inbox. 

By staying aware of these red flags, you can protect your personal information and FSU accounts from cyber threats. If you have any questions or concerns about cybersecurity, FSU ITS is here to help. Stay safe and secure online!