Phishing is the attempt to gather personal information using any combination of deceptive messages, links, calls, emails and websites. Phishing emails are typically the most common types of phishing that you will encounter. These deceptive emails tend to impersonate a legitimate person or company in order to obtain information from you.
Our mail system tries to help by automatically blocking or warning you of messages that it detects as malicious, but an email that's disguised really well or from a legitimate account can still navigate through our filters and arrive in your inbox.
Check the person's full email address. Emails from district personnel will always be from email@example.com, accounts that impersonate administration would not be from the washk12.org domain.
However, email scammers will try to create domain names that look very similar to legitimate ones, or you may not always know what a legitimate domain name would be for a particular company. Therefore, we have signs to look for in the content of the email you recieved that we can respond to.
Also, keep in mind that a malicious email could still come from a washk12.org account if that account was compromised.
If we are unsure if the email is legitimate or not, we need to ask ourselves two questions: what does this email want from me? and how does it want me to respond? The example below is notifying the recepient of an upcoming charge. They are hoping to confuse and panic the recepient so that they will call the phone number and connect them to the scammer, who will then further impersonate the company.
Although the email looks like it's from a district employee, we can tell by the content of the message that something is suspicious. This is potentially a district employee whose account has been compromised.
It is very common for a phishing email to lead you into a page impersonating the company in order to collect your account login credentials.
Check the full website address. Similar to checking an email address, a login page should be from a known domain for that company.
It's become a standard for modern websites to use HTTPS. This makes your connection to the site more secure and will show a lock icon in the adddress bar
Seeing the "Secure" Lock icon does not mean the site cannot be malicious, more advanced phishing pages will go through the steps to acquire a lock.
A QR (Quick Response) code is a type of barcode that moderm smartphones can now easily scan and read through an app or directly built into the camera. QR codes can be used for many different digital purposes such as website links, login methods, and banking transactions.
Security news outlets are steadily reporting occurences of scammers placing QR codes in public places and attempting to con victims into scanning the codes to collect their information.
What can you do? Use QR code payments only in circumstances that you consider normal, don�t be rushed or talked into paying in a way that you are not completely familiar with. Treat a QR code like any other link. Don�t follow it if you don�t know where it originated from, or if you don�t fully trust the source.
Perhaps even more annoying than spam emails are spam text messages. Ranging from actual conversations with a scammer to automated marketing links, tens of billions of scam messages are sent every year.