Attempted Phishing Attacks on NISD

Spear Phishing Attempt

September 2023

A real phishing attempt targeting NISD received on September 18, 2023.

What makes this a phish?

This sophisticated spear-phishing scam used a compromised account from a trusted source to direct high-profile targets to a custom landing page built to look identical to our NISD login page.

There are a few ways to tell this was a phishing scam:

The URL at the top of the landing page is not our normal URL
The URL ends in .ru, which is a Russian domain
The users receiving this email were not expecting a file from the trusted source

How to tell if something is phishy.

Double-check the sender's email address before responding or clicking any links.

Look to make sure the sender's email address is correct. You may need to hover over the sender's name or tap the display name of the sender on a mobile device. Then, check for misspelled names, domains, or substitute letters (such as a capital "I" for an lowercase "L")

Check the link.

If the sender looks correct,

On a PC: You can verify the link by hovering over it on your PC and looking in the bottom left corner of the browser window
On a mobile: You can press and hold (don't click!) to open a preview window and verify the link.

Don't click links you don't trust!

Follow up with the sender separately.

If you were not expecting a message from someone follow up with a separate email or call/text to confirm.

Still seem phishy?

Report it!

How to report phishing in NISD:

Open the message
Click the red "hook" in the top right of the message
Log in using your @nisdtx.org or @student.nisdtx.org account
Click "Report"

If you are unable to log in to report the message, forward it to phishing@nisdtx.org.

Page updated

Report abuse