Skip to main content

Email Phishing Scams

There has recently been a large number of phishing attempts targeting South Dakota State University students, faculty, and staff. While the Office of Information Technology is doing all we can to prevent these attacks, each individual must be aware of the danger and take appropriate steps to ensure you don’t fall victim to malicious activity.

Has your account been compromised?

Follow the Compromised Email Guide to recover your email.

Email phishing scams can come in many forms, but typically try to convince you of an immediate problem, such as an expired password or needing to verify account information. They often appear to have been sent by a legitimate person such as a SDSU student of staff member.

If you have received any email and are still unsure of its authenticity after reviewing this information, you can forward the email to our Information Security Team. You may also visit InsideState or MyState and find a list of known spam and legitimate emails. 

Points to Remember:

  • The SDSU Support Desk will never ask for account information (username and password) in an email.
  • Always check the link in the email. Spam emails often link to a subdomain of a non-SDSU website, such as
  • DO NOT open any email attachments in suspicious emails. Spam emails may also include the text with the warning and link in an attachment to bypass any security filters searching email bodies.
  • Never follow any link in a suspicious email or an email coming from an unknown source. Always open a web browser and go directly to the website.