Many of us get scary e-mails that may "threaten" us somehow or ask for money or want us to click a link or open a file.
Just don't do it.
Just don't do it.
Example #9
This is a good one... (sorta)
|
But what is wrong with it?
KEEP IN MIND that I did NOT click on any links! |
...However (but wait there's more...)
About two hours later, there was a follow up e-mail that said... see the 2 screenshots below.
So by me NOT clicking on the link AND deleting the e-mail I am now told I need to take a training! Again this sounds quite like phishing - Stress does pile on when you KNOW you did not click the link or fall for the phishing attempt! Okay so NOW I have a question to ask my (as it says... "Security and Compliance Team" - Please tell me how to contact them. Perhaps it is two phishing attempts? No, the second one references the first one!
BUT WAIT... (yeah there is even more!)
Turns out it WAS SENT by our own IT/IS department! (Not EdTech, to a random 2,700 employees! Word in the shop is - if you got the first mail, you got the second one too. EVEN if you did not fall for the phishing attempt!
However here is <part of> what was sent to all later on.
"Those that fell for the phish were sent a follow-up email informing them they were part of a district phishing campaign, and they were presented with links to training materials. This is NOT mandatory training but an effort to educate on how to avoid falling for such an email in the future"
(Again - please remember that I did NOT click on the links in the original e-mail) AND please... ponder again with me...
How do I contact my "security and compliance team" AND where (in the screen shot above) does it say it is NOT MANDATORY?
I'll wait.
However here is <part of> what was sent to all later on.
"Those that fell for the phish were sent a follow-up email informing them they were part of a district phishing campaign, and they were presented with links to training materials. This is NOT mandatory training but an effort to educate on how to avoid falling for such an email in the future"
(Again - please remember that I did NOT click on the links in the original e-mail) AND please... ponder again with me...
How do I contact my "security and compliance team" AND where (in the screen shot above) does it say it is NOT MANDATORY?
I'll wait.
still waiting... yes one more thing from example #9!
Today in a district meeting this was pasted in our TEAMS chat.... OH and by the way... more to ponder...
|f it was sent to ALL EMPLOYEES why did it need to get posted in teams? And why have I still not received it 3 days later.
|f it was sent to ALL EMPLOYEES why did it need to get posted in teams? And why have I still not received it 3 days later.
Finally.
As I said at the start. What a good and cool idea. But...
As I said at the start. What a good and cool idea. But...
- DO not lie to your employees and tell them they clicked a link when they did not. It's a trust thing.
- IF it is legit and you tell me to contact some one. Tell me WHO to contact otherwise it is phishing!
- DO make those who click the link take a mandatory phishing class.
- Please TELL YOUR SCHOOL LEVEL tech people (me and others in this role) when this type of thing is coming and how to respond when my staff contacts me. BTW... This page IS how and what I will send to them!
- SMH...
- In the long run, I love GSD - it has been good to me but this is crazy stuff right here.
Example #8
Just think about this for a second...
"Jasmine Barnes" e-mailed ME about MY site asking who to send info to about MY site. Duh - Me. But look a the e-mail address host... edumailhost.org? Google it! Seems like I am not the only to get this e-mail. DO NOT RESPOND to these types of e-mails!
"Jasmine Barnes" e-mailed ME about MY site asking who to send info to about MY site. Duh - Me. But look a the e-mail address host... edumailhost.org? Google it! Seems like I am not the only to get this e-mail. DO NOT RESPOND to these types of e-mails!
|
|
Example #7
Looks like it came from our principal. BUT check the e-mail address and you'll see that it did NOT. If you do respond to these types of messages, please be sure to block and report them afterwards.
Example #6
This e-mail (image below) has been sent to many of us (students and staff) in our GraniteSD accounts. Please be re-assured it is NOT accurate. It is called spoofing. The real sender uses our own e-mail address to send it from which I believe is why it gets through our filters and not in spam. Notice all the </br> that is html code and not something you would type in an e-mail. Also all the ᔹ type codes which means there are other coding or typed errors. Both of which tell me it is a massive computer generated e-mail sent to "hundreds" of users. Here are 2 things you should do to feel more secure.
- Change your GSD password. At the portal or on a PC, or have a teacher do it. (Detailed instructions are here)
- See what devices you are currently logged-in on and remove any you do not want connected. (Change your password first and it 'should' log you out of any connected devices.)
Log in to Chrome. Click on your icon logo at the top right. Click on "Manage My Google Account". On the left click "Security". Scroll down to "Your Devices". Those are the devices you are, or have logged in to and a general location. IF there are any that you do NOT recognize you may have been hacked.
Example #5
As you know I run the high school website for... High School kids. This guy (name is not posted!) keeps wanting me to put a link on our students "links page" for "seniors" (old peeps not 12th graders) to learn how to protect themselves from on-line scams. While it is NOT bad information it certainly does not belong in a high school or on my "links" page. Classic irony. Highlight the url below and paste it if you're interested. This is more <consistent> spam than a scam.
Hi ,
Following up on my previous email in case you missed it. We've created a great and up to date resource to help protect the elderly from online scams. You can see it here: https://www.ireviews.com/online-scams/
Would you consider adding it to the page?
Many thanks,
Content Manager
iReviews
-----Original Message-----
Hi ,
I was just wondering if you were still updating https://www.theolycenter.org/links.html. We've just created an excellent guide to help protect our elderly loved ones from online scammers.
We think it's got a lot of very useful information, so if it could help any of your readers, we'd love to be included on your page!
Here it is: https://www.ireviews.com/online-scams
Following up on my previous email in case you missed it. We've created a great and up to date resource to help protect the elderly from online scams. You can see it here: https://www.ireviews.com/online-scams/
Would you consider adding it to the page?
Many thanks,
Content Manager
iReviews
-----Original Message-----
Hi ,
I was just wondering if you were still updating https://www.theolycenter.org/links.html. We've just created an excellent guide to help protect our elderly loved ones from online scammers.
We think it's got a lot of very useful information, so if it could help any of your readers, we'd love to be included on your page!
Here it is: https://www.ireviews.com/online-scams
Example #4
COVID-19 Benefits
Subject: Re: COVID-19 Benefits
In response to the current hardship in the community due to the COVID-19 pandemic, The Granite School District has decided to help support all employees and students to get through these hard times.
The Granite School District will award $2,500 to all qualifying employees and student as COVID-19 support, starting from today, Thursday, 13 May 2021.
Visit the COVID-19 Benefits page and fill in the form correctly with the most appropriate details to apply.
Note: If you do not submit all the information requested, your application will not be processed.
Sincerely,
Cheryl C Hall
COVID-19 Support.
Granite School District
In response to the current hardship in the community due to the COVID-19 pandemic, The Granite School District has decided to help support all employees and students to get through these hard times.
The Granite School District will award $2,500 to all qualifying employees and student as COVID-19 support, starting from today, Thursday, 13 May 2021.
Visit the COVID-19 Benefits page and fill in the form correctly with the most appropriate details to apply.
Note: If you do not submit all the information requested, your application will not be processed.
Sincerely,
Cheryl C Hall
COVID-19 Support.
Granite School District
This one looks very legit.
BUT, There is no such thing as COVID-19 Benefits in our district that we know of or have been told about.
The link in the e-mail goes to this website and asks for credit card information Always mouseover links to see where they go! https://s-u-p-p-o-r-t.cabanova.com/
Does that look or sound legit from your employer? If they are going to give ME benefits why do I GIVE them MY Credit Card info?
Example #3
From: no-reply <ejfhtdta@reidosesquentadores.pt>
Subject: Eviction warning #118377150
Dear tenant,
We are contacting you on behalf of our valued customer, Tanego Real Estate Group. They informed us that the apartment sub-owner hasn`t been paying the sum he were supposed to during last 3 months.
In accordance to to the contract terms § 5.7, we are going to use the right for an immediate eviction of current tenant and to return the property to it`s previous owner.
However, we understand all the complicity of your situation and would give you a chance not to be responsible for other people violations.
You can file a complaint using the form attached and forward it to debt@stacollect.com.
Existing leasing contract #118377069 between Tanego and the landlord may also be found by the next link: Application Form
Regards,
Capital Collections LLC
Subject: Eviction warning #118377150
Dear tenant,
We are contacting you on behalf of our valued customer, Tanego Real Estate Group. They informed us that the apartment sub-owner hasn`t been paying the sum he were supposed to during last 3 months.
In accordance to to the contract terms § 5.7, we are going to use the right for an immediate eviction of current tenant and to return the property to it`s previous owner.
However, we understand all the complicity of your situation and would give you a chance not to be responsible for other people violations.
You can file a complaint using the form attached and forward it to debt@stacollect.com.
Existing leasing contract #118377069 between Tanego and the landlord may also be found by the next link: Application Form
Regards,
Capital Collections LLC
NOT Legit!
Indications the message is fake:
- The e-mail claims to be from Capital Collections LLC, but uses two e-mail addresses with seemingly unrelated domain names. The message was sent from @reidosesquentadores.pt and a completed form is to be sent to @stacollect.com.
- The message does not mention specifics, such as the name of the realty property in question. Given details sound impressive, but are not immediately verifiable.
- A need for immediate action, the threat of eviction.
- The reader is encouraged to open an attached zip file or click on a link.
- Grammatical errors and awkwardly-constructed phases indicate a non-professional writer who possibly doesn't speak English as a primary language.
Example #2
From: Dr. Garett Muse <headofschool301@gmail.com>
Sent: Monday, April 9, 2018 9:01 AM
Subject: Follow Up
Are you available ?
From: Dr. Garett Muse <headofschool301@gmail.com>
Sent: Monday, April 9, 2018 9:08 AM
Subject: Re: Follow Up
OK. I'm in a meeting right now, that's why i'm contacting you through here. I should have call you instead of mailing you but phones are not allowed to be use during meeting, I really don't know when the meeting will be rounding up but i will be back in school before the faculty meeting at 2;20pm, i want you to help me out on something very important right away.
From: Dr. Garett Muse <headofschool301@gmail.com>
Sent: Monday, April 9, 2018 9:11 AM
Subject: Re: Follow Up
Ok, can you help me get an iTunes Gift Card from the store right now, i will surely reimburse you back immediately am out of the meeting. I need to send it to someone right now and it very important.
Indications this is a scam:
Sent: Monday, April 9, 2018 9:01 AM
Subject: Follow Up
Are you available ?
From: Dr. Garett Muse <headofschool301@gmail.com>
Sent: Monday, April 9, 2018 9:08 AM
Subject: Re: Follow Up
OK. I'm in a meeting right now, that's why i'm contacting you through here. I should have call you instead of mailing you but phones are not allowed to be use during meeting, I really don't know when the meeting will be rounding up but i will be back in school before the faculty meeting at 2;20pm, i want you to help me out on something very important right away.
From: Dr. Garett Muse <headofschool301@gmail.com>
Sent: Monday, April 9, 2018 9:11 AM
Subject: Re: Follow Up
Ok, can you help me get an iTunes Gift Card from the store right now, i will surely reimburse you back immediately am out of the meeting. I need to send it to someone right now and it very important.
Indications this is a scam:
- The sender name is presented as "Dr. Garett Muse". For an official district e-mail address, the name would be formatted as "Muse, Garett D".
- The sender address is headofschool301@gmail.com, not an @graniteschools.org address.
- A vague initial message, "Are you available ?"
- Odd phrasing and improper punctuation/capitalization indicate possible use of English as a second language.
- Strange logic. If he's stuck in a meeting where he can't use a phone, how is he sending the e-mail? Why can't he just order the iTunes gift card himself?
- Vague details about why he needs the gift card, who it's for, and why it's important.
- Recipient is not someone who would typically handle this type of request from the supposed sender.
Example #1
I hope you can figure this one out!
Don't fall for it!
Postmaster? .com? - Neither are correct. Delete it and move on. Opening an "Outlook item" could cause damage to your Outlook and steal your contacts!
Postmaster? .com? - Neither are correct. Delete it and move on. Opening an "Outlook item" could cause damage to your Outlook and steal your contacts!
What should you do if you get these |
What if you DID respond |
|
|
