Phishing scams are social engineering attacks and are one of the most prevalent, and dangerous, types of cybercrime that individuals and organizations around the world are currently facing.
Phishing is a term that originated in the 1990s and alludes to attackers using online lures to “fish” for users’ sensitive information.
In a phishing scam, a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.
Below is a sample phishing email. Click on the various i icons to learn about the signs you can detect to help you determine if an email is a potential scam.
Frequently Asked Questions
How come phishing scams “get through” to us?
How can it impact the district?
As we’ve seen many times in the news, the damage from phishing threats for organizations can be catastrophic, with many breaches costing millions, harming the organization’s reputation and destroying relationships with stakeholders.
How can it impact me?
How do I keep myself safe?
What about Vishing?
Vishing is a cybercrime that uses the phone to steal personal confidential information from victims. Often referred to as voice phishing, cybercriminals use savvy social engineering tactics to convince victims to act, giving up private information and access to bank accounts.
- Be cautious anytime anyone calls you and creates a sense of urgency/pressure
- Never trust Caller ID (scammers can easier spoof a number to look like it is coming from a legitimate organization)
- Never provide personal information over the phone unless you initiated the call (say for example with your bank)
- If you believe the phone call is a Vishing scam, simply hang up
What about Smishing?
A form of phishing, smishing is when someone tries to trick you into giving them your private information via a text or SMS message. Smishing is becoming an emerging and growing threat in the world of online security.
- Don’t reply to text messages from people you don’t know
- Don’t click on links in text messages unless you know the person they’re coming from
- Simply delete any text message that you believe is a Smishing scam