Monday, December 12, 2011

Don't Get "Phished" this holiday season



We are seeing a heightened number of malicious emails being sent to Judson ISD and other email users.  While these are usually caught and listed in your morning SPAM Summary or blocked by your SPAM filter, many of them might appear to be from a legitimate sender and some may get through.  Most of these emails are ones that either will take you to a web site that will try to install malicious software on your computer (malware) or they are “phishing” emails which attempt to get you to type you Judson ISD, bank, credit card, Amazon, or other credentials into their web site, so they can use these credentials for their nefarious purposes.  Phishing emails are often designed to look like they are really from organizations you work and do business with, but usually the link in the email takes you to a site (which may also look very real) where you are asked to provide your login, bank account, or other data.  Please always delete theses emails, and never click on their links.

If you get an email that appears to be from your bank, Judson ISD, or your credit card company asking for you to click a link to update your data, or  change a password, the safest action is delete the email.  If you feel there is a chance of the email being legitimate, the safe course of action would be to open up your web browser, and manually type in the site address of your bank, portal, or what have you, then login and find out if any action is needed on your part.  By manually entering in the web site address rather than clicking on the link in the email, you are avoiding being taken to a site trying to steal your login credentials, credit cards numbers, etc.

If you think you credentials for any system or site have been compromised, please change your passwords, or call the company (or the Judson ISD Help Desk) for immediate assistance.

Below are example of two emails – one legitimate and one an example of a “phishing” email.  Notice how real both of them look:


The phishing example above and many more resources are available at the Multi State Information and Analysis Center web site.