! WARNING: To trick people into responding, scammers sometimes use publicly available information to send emails to employees using a fraudulent external email account using their supervisor’s name.
To help staff identify all emails from external sources, messages sent from non-HCPSS accounts will have:
- Subject lines beginning with [External]
- A “! CAUTION” message highlighted in yellow at the top of the email.
Staff should not respond to emails suspected to be fraudulent, and instead reach out to people using a verified email address or another verified communication method.
Below is an example of a common phishing email using this trick. Notice the scammer uses the name of an HCPSS principal but the email is coming from an external email system, gmail.com. Additionally, the email is trying to create a sense of urgency and importance to get the recipient to respond quickly.
From: Jeffrey Fink <jeffreyfink.hcpss.org@gmail.com>
Sent: Wednesday, December 30, 2020 11:44 AM
To: Nick Vissari <Nick_Vissari@hcpss.org>
Subject: [External] FOLLOW UP
! CAUTION: This email originated from outside of HCPSS. Do not click links or open attachments, unless you recognize the sender and know the content is safe.
Are you available right now?
Learn more about phishing attacks on the Technology Support Canvas community.
If you suspect an email to be fraudulent, do not proceed with the directions provided in the email. Employees are encouraged to forward any suspected phishing emails to abuse@hcpss.org, and then delete the email. If assistance is still needed, contact the Technology Support at TechSupport@hcpss.org.