Phishing Alert: Attackers copy HCPSS login pages

! WARNING! To trick people into providing their HCPSS credentials, attackers sometimes create a spoof, or copy, of the official HCPSS login pages, including the page with the Digital Citizenship Pledge and the Office 365/Email page.  

All employees should be advised that we have noticed an increase in phishing attacks. Employees are reminded they should read all emails with a healthy level of suspicion, even those sent from @hcpss.org email addresses or that have the name of an HCPSS employee.  

Please note: 

  • HCPSS does not email employees telling them that their password is expiring and to click a link. Instead, HCPSS would notify you that your password needs to be changed upon login.   
  • If a link directs you to a login page and you are unsure if it is the official HCPSS site, close the window and navigate to the appropriate login page on the Staff Hub or hcpss.me websites. You may be able to identify a spoofed page by looking at the login screen’s URL.  
screenshot of real login page

 

 

screenshot of fake login page

 

To defend yourself against these cybercriminals sign up for multi-factor authentication today by following the directions on the Technology Resources community in Canvas. 

Employees are encouraged to forward any suspected HCPSS phishing emails to abuse@hcpss.org, and then delete the message. Spam text messages can be reported by forwarding the message to 7726 (SPAM). If assistance is still needed, contact the Technology Support at TechSupport@hcpss.org or 410-313-7004.