PhishBowl

Staff should always double‑check website addresses and be on the lookout for “look‑alike” domains that try to mimic trusted sites with subtle changes, such as extra letters, swapped characters, or different endings (for example, .com vs .co).

Scammers are becoming clever with changing how they are attacking their victims. Scammers tend to impersonate the following areas:

We’ve recently seen a surge in phishing emails targeting both district and personal email accounts. These messages often appear to come from trusted colleagues, including a recent example impersonating Misty Her, asking recipients to purchase gift cards.

You may have received an email regarding completing a document or reviewing a file. These emails often appear to come from someone you know or a trusted source, but in reality, they may be phishing attempts designed to steal your personal information or compromise your account.

According to CNBC, millions of people have been victimized by Quishing as more and more bad QR codes appear in public places. Quishing refers to QR code phishing, which is scanning an unverified and malicious QR code.

In May 202th, a phishing campaign emerged which impersonated several U.S. state Department of Motor Vehicles (DMVs). The phishing campaign utilized SMS phishing (smishing) and deceptive websites to harvest personal and financial data. Victims may have received text messages regarding unpaid toll violations, and would be redirected to fake DMV websites that would take payment for a fake toll. These cloned websites would request personal information and credit card details to verify a victim's identity. These phishing campaigns have been analyzed to indicate that these attacks are coming from a China-based threat actor. 

The Department of Motor Vehicles has a public notice that Californians are receiving deceptive text messages that appear to come from the DMV. These texts warn that the customer has failed to pay a toll. The DMV will never send a text message to ask for personal or financial information. If one is received, do not open or reply to the message. 

As K-12 education increasingly provides more global learning experiences, schools increasingly send staff and students abroad for cultural exchanges, academic competitions, service trips, and more. While these trips offer incredible educational value, it also exposes the school staff, especially trip leaders and chaperones, to serious digital and data security risks.

FBI Denver Field Office agents have increasingly see a scam that involves a free online document converter tool. These free online document converter tools load malware onto a victim's computer and leads to incidents such as ransomware. 

The common pitches utilized by online scammers trying to get you to panic and click on a link, hand over personal information or money, or download an attachment has become ineffective. Per Kendall McKay, strategic lead for cyber threat intelligence at Cisco's Talos division, says that phishing email subject lines moved from phrases such as "urgent request" or "payment overdue" to terms like "request," "forward" and "report."