I am sending this to alert you to some Cybersecurity threats we have seen recently across our board. The primary threat we are seeing right now is Phishing emails. Links or file attachments in these emails can cause malicious software (Malware) to be installed on your devices. Malware can have a number of different consequences, including locking out or deleting data, infecting your computer with viruses, and scanning your device for passwords, account information, and other personal data.
In the recent cases we have seen, a variant of Phishing, called Spear Phishing, has been observed. In Spear phishing, cyber-criminals research specific individuals within organizations and send emails to them that seem to be coming from someone they know, such as a work colleague. These emails can be detected by hovering over the name of the sender to see if you see their actual email address, or checking the signature – a Spear Phishing email will often have the formal username of the sender rather than their usual signature (for example, Alistair MacLeod rather than just Alistair).
Some important ways to protect yourself are:
- Do not click on links or open attachments in emails that are in your Spam folder.
- If someone sends you an email with a link inside it, make sure that the link looks genuine, and hover over the link to make sure it matches the text of the link (try the ones in this email if you like).
- If you have any doubt whatsoever, DO NOT click the link or open the file – delete the email, or ask the sender if they sent you an email with the link in it (do not click ‘Reply’ in the email to make this request).
- School board computers will have antivirus software installed. This software, if up to date, will detect most Malware attacks, but cybercriminals are getting more and more sophisticated in their attacks. On personal devices, make sure that you have up-to-date antivirus software installed.
We will be sending out additional cybersecurity awareness information in the near future, but I wanted to send this out immediately as there have been several cyber-attacks this past week.