April 17, 2017

District halts email phishing attempt

Recently an Ames Community School District email account was compromised and used to send out thousands of phishing-type emails that contained attachments that do not align with the District’s policies, vision and mission. District leaders are sincerely sorry that the message reached our staff and community members. The district took immediate action to stop the emails and secure the rogue account.

Phishing is the attempt to obtain sensitive information such as usernames, passwords, credit card details, and social security numbers, often for malicious reasons, by posing as a trustworthy entity in an electronic communication. (This Wikipedia article explains more about phishing.)

District Technology Director Karl Hehr said phishing attempts use tactics that are becoming more and more realistic.

“It’s important to stay vigilant when reading and responding to emails, and to know how to spot a phishing attempt,” Hehr said.

Signs of phishing:

  • Odd or incorrect “from” accounts. For example, the email may say it’s from John Smith, a known colleague at Ames Community School District, but clicking on the email address to expand it reveals an address that is not on John’s District domain.
  • Misleading or abnormal subject lines designed to get you to respond to the email. If the email concerns a subject and uses vocabulary and tone you wouldn’t expect from that sender, be wary of it.
  • Requests for usernames and passwords. No reputable company, the District included, would ask for login credentials via email or even provide a link to a site to enter them. NEVER provide user names, passwords or other sensitive information by email.
  • Misleading links embedded in the email: the link text you see may not match the address the link actually opens.
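As an added illustration that is not part of the District’s notice, the following Python script applies three of the signs above to a message: a display name whose address is outside the District domain, a request for login credentials, and a link whose visible text names a different host than its target. The district domain and the sample message are constructed assumptions, not values from the notice.

```python
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Hypothetical district domain for the sender check (an assumption, not from the article).
DISTRICT_DOMAIN = "example-district.org"

# Constructed sample in the shape the article describes; not a real message.
SAMPLE = """\
From: John Smith <john.smith@mail-example.net>
Subject: Urgent: verify your account
Content-Type: text/html; charset="utf-8"

<p>Please confirm your username and password at <a href="http://login.mail-example.net/verify">portal.example-district.org</a></p>
"""

class _LinkParser(HTMLParser):
    # Collects (href, visible text) pairs from an HTML body.
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def _host(text):
    # Lower-cased hostname of a URL, or of bare text such as 'portal.example.org'.
    return (urlparse(text if "://" in text else "http://" + text).hostname or "").lower()

def phishing_signs(raw_message, district_domain=DISTRICT_DOMAIN):
    """Warnings for: off-domain sender, credential request, link text hiding a different host."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    signs = []
    for a in (msg["From"].addresses if msg["From"] else ()):
        if a.domain.lower() != district_domain:
            signs.append(f"sender '{a.display_name}' is at {a.domain}, not {district_domain}")
    body = msg.get_body(preferencelist=("html", "plain"))
    text = body.get_content() if body else ""
    if any(w in text.lower() for w in ("password", "username", "login credentials")):
        signs.append("message asks for login credentials")
    parser = _LinkParser()
    parser.feed(text)
    for href, shown in parser.links:
        if "." in shown and _host(shown) != _host(href):
            signs.append(f"link text shows {_host(shown)} but points to {_host(href)}")
    return signs
```

Run `phishing_signs(SAMPLE)` to see all three warnings; a plain message from an address on the district domain with no links or credential wording returns an empty list.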

What to do:

  • If the email looks suspicious, delete it. Don’t click on embedded images or links.
  • Contact the sender by PHONE; do NOT reply to the email. A compromised account is often used to reply and assure you that the message is genuine.
  • Enable 2-Factor Authentication on your chosen email platform.
  • If the email looks suspicious, delete it. (This is worth saying twice.)