Skip To Main Content

Find It Fast

Staff Directory

What is Phishing?

Phishing is a type of cyber attack where someone pretends to be a legitimate or trusted individual or entity to trick you into sharing sensitive information. This often occurs through emails, text messages, websites, or phone calls. The goal of a phishing attack is to gather confidential information, which may include:

  • Your username and password, which can lead to unauthorized access to personal or professional accounts.

  • Sensitive information, such as personal details about yourself, colleagues, or your organization. This may include internal documents, client information, or proprietary data.

  • Financial information, including bank account details, credit card numbers, or requests to make purchases, such as gift cards or wire transfers.

To view all banners the district applies to emails, please visit the Information Technology Internal Site (login required). To view real Phishing examples, please visit the PhishBowlhttps://www.fresnounified.org/departments/it/cybersecurity/phishbowl

Phishing is the #1 cause of data breaches, identity theft, and financial loss for individuals and organizations alike. These attacks can result in stolen identities, compromised accounts, and significant financial damage.

To understand phishing in greater detail, it’s important to recognize that it is a form of social engineering. Social engineering is a manipulation technique where attackers exploit human psychology rather than technical vulnerabilities. These attacks prey on emotions like curiosity, fear, urgency, or trust. Examples include:

  • Gift Card Scam: This type of scam often involves an attacker posing as a trusted individual, such as a manager or colleague, and asking the recipient to purchase gift cards. The attacker typically creates a sense of urgency to pressure the victim into acting quickly without verifying the request.
  • Principal Impersonation: Attackers impersonate school principals or administrators, sending emails to staff or parents to request sensitive information, payments, or other actions. These messages are crafted to appear authoritative and urgent.

Another impersonated principal

  • HR Has Shared a Document: In this scam, attackers send an email pretending to be from the Human Resources department, claiming a document such as a policy update or tax form is shared. The email often contains a malicious link or attachment designed to steal credentials or infect devices.

Protect Yourself Against Phishing

  • Email Impersonation and Unsolicited Links: Attackers impersonate trusted senders and include unsolicited links in the email body. These links often lead to phishing websites or malware downloads. Always verify the sender and avoid clicking unexpected links.

Email Impersonations and Unsolicited Links

  • Email to Text: This scam begins with an email designed to transition the conversation to text messages. Attackers use this tactic to avoid detection and create a sense of urgency, often requesting money, gift cards, or sensitive information through text communication.

Principal Impersonation Phishing

Preventing phishing requires awareness and vigilance. Always verify unexpected or suspicious requests, use multi-factor authentication, and ensure that you are accessing websites directly rather than through embedded links in emails or messages. Educating yourself and others is crucial because the best defense against phishing is informed and cautious behavior.

Report phishing to: phishing@fresnounified.org