Beware of Email Spoofing Attacks


Email spoofing is a type of email scam in which the sender uses a falsified name or email address to fool recipients into thinking that the email is legitimate. Spoofed emails may be designed to appear to be from colleagues, friends, or family members in order to accomplish malicious goals. By impersonating a target’s known contacts, the scammer seeks to gain the target’s trust with the goal of obtaining sensitive information, propagating malware, or extorting funds. 

If an email originates from an address outside of the CSUCI domain, the following banner will appear at the top of the message’s body. This warning banner will appear in Webmail as well as the Outlook desktop and mobile applications. 


Outlook Caution Banner

If you receive an email from a colleague containing this banner, it is advised to check with the sender at a known email address by phone, or via Teams to confirm that the email legitimately came from them. 


Beware the Signs of Spoofing Attacks: 

There are several warning signs that an email may be a spoofed message, such as emails requesting personal financial information, emails requesting the transfer of funds in the form of gift cards, and emails sent from email addresses mimicking the CSUCI domain (such as 


Spoofing emails may also contain links to false login pages that harvest users' credentials. To avoid falling victim to harvesting links, hover over hyperlinks (or tap and hold on mobile devices) in email messages to display the real Web address that they lead to. If the real address does not appear to be legitimate,  

If you suspect that you have received a phishing or spoofing email, it is advised to forward the email to the Information Security Team at Through continued vigilance, you can help to create a more secure workplace. 

Did you know that October is Cybersecurity Awareness Month? For additional cybersecurity tips, please refer to