Throughout history, scam artists have used the culture and technology of the day to do their work, and the 21st Century is no different. Today, email is often used, and much of the world’s problem with viruses and identity theft is the result, not of computer or technological issues, but of us actually clicking on something that we should not.
While Gmail is incredibly successful at identifying spam and preventing it from reaching the inboxes of users, it is still fairly easy in most cases to detect spam. In any case in which an email may be spam, it should simply be deleted.
Protecting the data of students and staff members is a critical responsibility of all District 207 staff members.
Ways to detect a phishing scam…
- What is the actual email address, rather than the name, in the “From:” line? Normally, it is some form of “mumbo-jumbo” that changes daily. If it is not from the organization’s actual URL (after the @), it is not real. Often times today, real email addresses will be spoofed with it appearing to actually be from someone within the organization or your Contacts. In these case, the best first line of defense
- What is the actual email address in the “To:” line? If you are bcc’ed, and no one is listed in the “To:” line of the email, this may be an indication that this email is spam.
- Is there a company logo, a privacy statement, or anything of the kind? If not, it’s probably not real. Even if there is a logo, it may not be real. Those are easily copied or linked to on the Internet.
- Watch for inappropriate grammar or use of English – While real people and companies make mistakes, grammar errors and awkwardly worded language are often indicators of spam.
- Is it written like a real e-mail given the organization and purpose? Airline ticket reservation emails do not begin with “Hello!”. This would be an example of an indicator that an email is likely spam.
- Never enter your username and password in to a site simply because an email asks you to do that. The number one goal of most phishing scams is to get access to your account. Typically, they will do this by trying to trick you in to entering your username and password into a website after clicking on a link or image in the email. Take care to think through whether or not, you would need to be entering this email and why it is asking you for this information. The District 207 Technology Team will not request your password.
- Report the spam or phishing to Google – You can help protect others by reporting a spam email to Google using the “Spam” button above the Gmail message with the stop sign and the exclamation point.
Finally, if you are really unsure about something, call and talk with an actual representative of the organization from a known customer support number.