Security Alerts Archive

The Information Security Office stores prior security alerts for future reference.  Prior year security archives are available upon request and documentation will be posted at a later date.

1. Fraudulent Job Postings

In addition to the hundreds of great opportunities from legitimate employers listed on SJSU Career Center, we unfortunately see occasional fraudulent postings as well.

Despite our monitoring of incoming postings, it is important that students carefully review job postings for signs of fraud.

  • You are asked to give your credit card or bank account numbers, or copies of personal documents — but you get nothing in writing.
  • You must send payment by wire service or courier.
  • You are offered a large payment or reward in exchange for allowing the use of your bank account — often for depositing checks or transferring money.
  • You receive an unexpectedly large check (sample for illustration purposes only; company name may/will be different: FedEx shipping label, check).

Fraudulent Samples For Illustration Purposes Only:

-Recruiting Letter

-FedEx Shipping Label


This is not an exhaustive list. There may be other clues, or a fraudulent posting may not conform to any of these conditions — but these are common tactics.

For more information watch our SJSU Frauds and Scams video. 

What to do

Scam/fraudulent postings are not limited to online job boards; some scams are posted on physical bulletin boards around campus, and may seem like they're affiliated with or promoting advocacy groups or causes that students care about.

If you have any concerns about the legitimacy of a posting, DO NOT APPLY for the job. Instead, contact SJSU Career Center at 408-924-6031, or email at

2. Alerts on University Employee Payroll and Fictitious Student's 'Work-From-Home' Scams

University employees and students across the United States have been the target of two different email scams.  The Internet Crime Complaint Center (IC3) has issued alerts addressing spear phishing scams targeting University employees and students in relating to payroll accounts and 'Work-From-Home'. Scam operators use fraudulent e-mails and websites to entice employees to reveal login credentials: 

IC3 Alert on University Employee Payroll Scam

IC3 Alert on University Students 'Work-From-Home' Scam

Tips on how to avoid these and similar scams:

  • If something sounds too good to be true, it probably is.
  • Roll your cursor over the links received via e-mail and look for inconsistencies. If it is not the website the e-mail claims to be directing you to then the link is to a fraudulent site.
  • Never provide credentials of any kind such as bank account information, login names, passwords, or any other identifying information in response to an e-mail.
  • Never accept a job that requires the depositing of funds into your account and wiring them to different accounts.

If you have any concerns about the legitimacy of the e-mails, contact SJSU Human Resources at 408-924-2250, or email at

3. Phishing Attacks Search for YOUR SJSUOne Username and Password

In September 2014, SJSU students, faculty, and staff received emails from real SJSU email addresses asking for your SJSUOne username and password. The activity was an attempt to defraud Spartans into revealing their confidential information by posing as a legitimate IT group on campus performing account verification. What made those incidents different is that the accounts which were used to send the messages were real SJSU accounts which had possibly been compromised in an earlier phishing scheme.

Information Security is the responsibility of everyone at SJSU. October is Cybersecurity Awareness Month, and this is a great time to remind all Spartans of how to protect themselves from imposters online.

From: Jane Gonzales
Date: Thu, Jan 12, 2017 at 3:00 PM
Subject: SJSU ALERT!!

You have exceeded your mail quota, Click on this link to revalidate your mail account.




From: Peter Smith
Date: Thu, Jan 9, 2017 at 2:30 PM
Subject: Sjsu Update

You have exceeded your webmail quota, Click on this link to revalidate your webmail account.




From: John Smith
Date: Thu, Jan 5, 2017 at 1:10 PM
Subject: Sjsu Update

You have exceeded your quota limit of 500.GB . you need to expand your quota limit. to 1000.GB before 48 hours. Click here (LINK REMOVED): to upgrade your email account.

help desk 2017
Campus Email - Information Technology - San Jose State University


From: HELP
Date: Wed, Sep 9, 2015 at 9:54 AM
Subject: Help

Your VU email account was login by an unknown address and your account we be disable before 10minutes, to prevent disabling your account use the link below

©San Jose State University
University. All rights reserved.


From: IT User Support
Date: Wed, Sep 2, 2015 at 5:22 PM
Subject: Alert!!

Your email account is now been suspended and you will not be able to send or receive new messages. for your e-mail access restoration Please Click Here and update your account.

Thanks for your anticipated cooperation,
Thanks & Regards.


From: Sjsu>IT Help Desk
Date: Fri, Aug 21, 2015 at 1:26 AM
Subject: NOTICE!

This is a courtesy notice from your Help Desk Team, and it's to inform you that your email account has exceeded it's mail quota on the database server. Your email account will be blocked from sending and receiving emails if your email account is not verified within 24-48 hours.

You are advised to click the following link below and also follow the instructions to verify your account.

Information Technology | San Jose State University


From: "Information Technology support SJSU"
Date: Jul 23, 2015 10:54 PM
Subject: Dear Account User

Dear Account User,

You have exceeded your email quota, Click on the link below to re-validate your email account.

You are advised to click the following link below and also follow the instructions to verify your account.

Thanks, IT Help Desk| SJSU


For more information watch our SJSU Frauds and Scams video.