Another day, another PHISHING attempt

It seems like you can’t get through a day without hearing about a new phishing scam out there and today there were actually two that we were hit with. I shared these with the employees at my school along with two more examples of common phishing emails.

1. The “Headmaster” email.
When you get an email from your Headmaster you generally want to answer it right away… but hold on. One recent scam that we have seen using the actual name of your school’s headmaster, but upon close examination, you can see that it is indeed not an organizational address.headmaster_email_01But what if you reply, what might happen? You’d be surprised, just as I was to see the level of interaction that can go on before the person realize this might be a scam.headmaster_email_02

2. FBI Warnings
A major new agency in my home state, NJ.com, was reporting that the FBI has issued a warning to NJ residents about phishing emails targeting people login credentials for payroll systems – “There’s a scam to steal your paycheck that the FBI wants everyone in N.J. to know about”.As we talk to our employees about phishing scams we always put it in the context that these topics we are discussions are not just a school-related issue, but those that can help you outside of school as well. This is a prime example.

3. Common Occurrences
Below are two more examples of some of the common phishing emails that come into your inbox on a daily basis. They include the familiar indicators such as suspect email addresses, URLs for the links are not associated with the actual company, spelling errors and in the Apple example, the details were in an attached PDF.

 

As technology leaders, we all need to constantly remind those within our organizations to be vigilant when it comes to questionable emails. All too often we simply hit reply and provide the requested information in an effort to keep up with the constant flow of email. We need to work with our organizations to set aside time for training and keep up with updates on how to recognize risks and how to report them.

 

 

 

About William Stites

Currently the Director of Technology for Montclair Kimberley Academy, occasional consultant, serial volunteer for ATIS, husband, and father to two crazy kids who make me smile everyday.
This entry was posted in Cyber Security and tagged , . Bookmark the permalink.