Dear Families,
The safety of our students, both in person and online, is a top priority. We want to make you aware of a phishing email that may have briefly appeared in some students’ SRCS email accounts yesterday afternoon.
What Happened
Late yesterday, our team was notified that a phishing message promoting a “relocation sale” offering discounted items was sent to a number of student email accounts from a compromised employee account. The message asked recipients to respond using a personal email address to “learn more.” We have confirmed that similar messages were also sent to other school districts in the county.
Our Response
Our IT Services team responded immediately and took swift action to contain and address the issue. Steps included suspending the compromised account, identifying the fraudulent message and removing it from student inboxes. This morning, schools also followed up with students about this email and instructed them to contact our IT Services team if they responded to the email.
Next Steps
As a precaution, we encourage you to check in with your child to confirm that they did not reply to the email. If your child did respond and provided a personal email, we recommend changing that personal email password as a best practice. If any financial information such as a credit card or bank account number was shared, please review your accounts and contact your financial institution to report any suspicious activity.
SRCS has multiple safeguards in place to protect our students, staff and systems, and to quickly respond when suspicious emails enter our network. Situations like this also provide an opportunity to reinforce important digital safety habits for students and families - please see the information below.
Thank you for your partnership in helping keep our students safe online.
Sincerely,
SRCS IT Services
it-services@srcs.org
What is Phishing?
Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication. Attackers often pose as district or school leaders or other staff, and sometimes ask the individual to click on an attachment that is corrupt or provide personal information.
Because phishing emails can sometimes look convincing, a healthy amount of caution is essential.
When reviewing an email, consider:
- Do you recognize the sender’s email address?
- Does the message seem unusual or unexpected from this sender?
- Is the sender asking for money, personal information or passwords?
- Are you being asked to click a link or open an attachment?
If a message seems questionable:
-
Do not reply to the message or click on the links or attachments.
- Report the message as spam/phishing on the message itself from your inbox.
- Forward the email to IT Services at DOsupport@srcs.org so we can investigate.
|
|
