Attempted Phishing Attacks on NISD

Smishing Attempt

October 2023

A real phishing attempt targeting NISD received on October 12, 2023.

What makes this a phish?

This phishing scam is titled "RESPOND IMMEDIATELY" to generate a sense of urgency so the target puts their guard down and makes a mistake. By requesting a cell number, the attacker is attempting a "smish" attack (phish over SMS). Note the email address of the sender is a non-district email address.

How to tell if something is phishy.

Double-check the sender's email address before responding or clicking any links.

Look to make sure the sender's email address is correct. You may need to hover over the sender's name or tap the display name of the sender on a mobile device. Then, check for misspelled names, domains, or substitute letters (such as a capital "I" for an lowercase "L")

Check the link.

If the sender looks correct,

On a PC: You can verify the link by hovering over it on your PC and looking in the bottom left corner of the browser window
On a mobile: You can press and hold (don't click!) to open a preview window and verify the link.

Don't click links you don't trust!

Follow up with the sender separately.

If you were not expecting a message from someone follow up with a separate email or call/text to confirm.

Still seem phishy?

Report it!

How to report phishing in NISD:

Open the message
Click the red "hook" in the top right of the message
Log in using your @nisdtx.org or @student.nisdtx.org account
Click "Report"

Attempted Phishing Attacks on NISD

Smishing Attempt

What makes this a phish?

How to tell if something is phishy.

Double-check the sender's email address before responding or clicking any links.

Look to make sure the sender's email address is correct. You may need to hover over the sender's name or tap the display name of the sender on a mobile device. Then, check for misspelled names, domains, or substitute letters (such as a capital "I" for an lowercase "L")

Check the link.

If the sender looks correct,

On a PC: You can verify the link by hovering over it on your PC and looking in the bottom left corner of the browser window

On a mobile: You can press and hold (don't click!) to open a preview window and verify the link.

Don't click links you don't trust!

Follow up with the sender separately.

If you were not expecting a message from someone follow up with a separate email or call/text to confirm.

Still seem phishy?

Report it!

How to report phishing in NISD:

Open the message

Click the red "hook" in the top right of the message

Log in using your @nisdtx.org or @student.nisdtx.org account

Click "Report"

If you are unable to log in to report the message, forward it to phishing@nisdtx.org.