Spam and Phishing

If a phishing/spam message originates from an internal, compromised SF State account, SF State should be notified. Compromised SF State accounts can only be resolved by SF State. Microsoft spam filtering does not scan messages sent from one SF State Exchange account to another.

Please report compromised SF State accounts to the ITS Service Desk so we can stop the phishing message distribution as quickly as possible. To report compromised SF State accounts, forward a copy of the message to or use the Report Spam and Phishing process. Some messages that look like they are from an internal account are really spoofed messages sent using an external email account. This can only be identified from the message header and the ITS Service Desk can assist in identifying the spoofed messages.


IT Security

Related Content

Reporting Spam and Phishing

Phishing Guide

How to Report Phishing Websites Guide

Service Users




Still Need Help?

If you weren’t able to find your answer, submit a service request ticket to the ITS Service Desk. Service request tickets are responded to during normal business hours.

Submit Service Request







View ITS General Service Level Expectations