• Email phishing attacks

    All leaders | Deadline: immediate

    The City Schools email system has recently been targeted by "phishing" attacks. Please inform all staff members not to open messages with the subject line "Your document" or "Invoice paid." These messages should be deleted from email in-boxes and deleted items folders.

    Phishing attacks are attempts to steal personal information, such as usernames and passwords. They are usually launched via email, with messages that can appear to come from legitimate email accounts that are actually fraudulent.

    Here are some tips to share with staff to help them recognize phishing and protect their personal information and the district's email system:

    • Never share usernames, passwords, or personally identifying or financial information (e.g., Social Security numbers or banking information) by email. If you receive an email that requests this sort of information, do not respond. (City Schools' IT staff will never ask you to provide log-in information by email.)

    • Do not open messages or attachments in messages from unknown senders, and do not click on links in these messages.

    • Check the sender's email address. Sometimes, the sender's name may be familiar or seem legitimate, but the email address is unknown or suspicious.

    • Look for fraudulent links. Roll your mouse over the link in the message, and look at the URL that shows on your screen. If it doesn't match the URL in the message text or points to an unfamiliar or suspicious website, do not click the link.

    • Watch this short video on TSS about email phishing and how to avoid it.

    For more information or assistance, contact the IT Service Support Center at 443-642-3000 or by email.

    View other items in the December 4, 2014, Leadership Action Update