We have discovered a new phishing attempt being distributed to employees in school districts. The subject and sender varies from email to email but here’s what the message looks like:
This is a phishing attempt. Even though there are no links or attachments to open, the idea is to engage you in a trusting exchange online. If you respond, you will receive a cogent reply but that reply (or a subsequent reply) will be the message that includes the triggering event (i.e. link or attachment).
Please share this information with your colleagues and students.
Wi-Fi access is widely available, but many of the free connections are to unsecured public Wi-Fi that will leave your information traveling openly! On an unsecured public Wi-Fi network, cybercriminals can easily access the data you are transmitting due to the fact that your information is not encrypted.
A more secure public Wi-Fi network requires a password or credentials to gain access that is provided by someone acting in an official capacity for the local business and the use of encryption. When looking for an available and more secure wireless network, you will see ones using encryption marked with a small lock symbol next to the name of the network. Some hotels and shops that provide free Wi-Fi to customers provide access to their secure networks by providing you with credentials or an access code when checking in, making a purchase, or on request.
How do you know the Wi-Fi network is one you should trust? Ask someone who should know – the hotel concierge, the barista at the coffee...
Keep an eye out for that little lock icon on your browser, or the “https” in the URL! Sites that are taking security seriously will encrypt the sensitive information you are exchanging with the site. This is a strong way to ensure that your online activities like shopping or submitting personal information are protected.
The small lock icon or “https” at the beginning of the URL are indicators that encryption is currently in use. The lock icon is commonly found in the address bar on the most popular browsers, including Chrome, Firefox, Safari, Edge, and Internet Explorer.
When you are looking for information or products online, make sure you are on the website you intended to visit, or are going to the correct site.
One particular sneaky technique used by cyber criminals is called typosquatting. Typosquatting is when someone purposely owns a website that is similar to a trusted website but with a typo in the address. For instance, the website “thisissafe” might be trusted, but the website “thisisafe” could be a malicious website using typosquatting. People are often linked to these incorrect, but very closely named websites through phishing emails sent out by malicious actors. Many websites look the same, and sometimes criminals or other unscrupulous folks use the names and logos of trustworthy companies to mislead you. In some forms of attack, a user being led to a false, but convincing copy of a known website will be prompted to enter their legitimate credentials, which are stolen by the malicious actor who set up this ruse.