PHISHING ATTEMPT: New Month Transcript.docx

How does this phishing message work? (draw engagement?) (capture your attention?)

This phishing scam impersonates a principal to create a sense of authority and urgency with the document.

There are a few ways to tell this was a phishing scam;

• The email address does not match the username or follow NISD naming scheme

• The resource is marked as being shared from outside our organization

Tips if something looks phishy:

Double-check the senders email address before responding or clicking any links

Look to make sure the sender's email address is correct. You may need to hover over the senders name or tap the display name of the sender on a mobile device, check for misspelled names, domains, or substitute letters (such as an capital "i" for an "L"). If the sender looks correct you can verify the URL by hovering over it on your PC and looking in the bottom left corner of the browser window. If you are on mobile you can press and hold (don't click!) to open a preview window to verify the URL. Don't click links you don't trust!

Follow up with the sender separately

If you were not expecting a message from someone follow up with a separate email or call/text to confirm.

Report it

• Open the message

• Click the red "hook" in the top right of the message

• Log in using your @nisdtx.org or @student.nisdtx.org account

• Click "Report"

If you are unable to log in to report the message forward the message to phishing@nisdtx.org

Original Message:

Return to The Phish Tank or Digital Citizenship