Phishing is an illegitimate attempt to trick people to reveal sensitive information, such as passwords, birthdates, and credit card or bank account numbers, by impersonating as someone trustworthy. Spear phishing is a highly targeted type of phishing typically directed at a particular institution.

This latest round of phishing e-mails claim to be sent from the university's e-mail administrators, requesting verification of e-mail accounts. Messages have subjects like 'UPGRADE YOUR EMAIL ACCOUNT', 'VERIFY YOUR SFSU.EDU EMAIL ACCOUNT NOW', 'Email Account Verification', 'Your Email' or 'Account Review'. New variations of these subjects are expected.

SF State will never ask for you to send sensitive information over e-mail. Never send sensitive information over e-mail; e-mail is not a secure form of communication.