Oops!
Oops, you have been phished…
…as part of a routine security check conducted by Conroe I.S.D. Technology.
As part of a routine internal internet security campaign, you have been phished. In this instance, you opened an email from an outside testing source associated with our internet safety program, clicked the link, and entered sensitive personal data. At that point you were redirected to this official CISD page to learn more about how to better recognize phishing messages and what to do when you receive a suspicious message in the future. Conroe ISD did not collect or store your login credentials.
How could this message have been identified as a phishing attempt prior to opening?
- [External] Subject Prefix and Caution Header
All messages that originate from outside of Conroe ISD are marked with an [External] prefix on the subject line, and a yellow ‘Caution’ header at the top of the message. Any email that appears to come from inside the district but contains these characteristics is a spoofed message and should be reported and deleted. - Sending Email Address
The message appears to be a notification from an official source but is sent from an unrelated address. Be suspicious when messages like this claim to be related to one service but the email address of the sender is something completely different. - Unexpected, urgent or demanding action required
Be suspicious of unsolicited email messages that attempt to create a sense of urgency by claiming things like this such as “View Now!”, “Important: Please read immediately”, or “Your account will be terminated!”
The attacker is attempting to take advantage of your concern and trick you in to providing confidential information. - Suspicious link in the message
The link in the message is not taking you to the destination you believe it is.
To identify the location a link is taking you to, take the following steps:
- From a computer:
- Hover your mouse pointer over the link, but do not click on it. A text box will show up that reveals the true destination of the link.
- From a mobile device:
- Press and hold down on the link until a window shows up that reveals the true destination of the link.
How can you protect yourself if you receive an unknown or suspicious email?
- Do not open any attachments. If you receive an attachment that you are not expecting, confirm with the senders that they did indeed send the message and meant to send an attachment.
- Do not click any links provided in these emails (or cut and paste them into a browser). This may download viruses to your computer, or at best, confirm your email address to phishers. If it is a URL you recognize, type it into a browser.
- Do not reply, even if you recognize the sender as a well-known business or financial institution. If you have an account with this institution, contact them directly and ask them to verify the information included in the email.
- Do not enter your personal information or passwords on an untrusted Web site or form referenced in this email.
- Report any suspicious messages that claim to be from CISD or contain a suspicious attachment or link to security@conroeisd.net
- Delete the message.
What do I do if I think I have been tricked by a phishing message?
- Immediately change your password via the CISD SSO Password Reset Portal.
- Contact security@conroeisd.net to discuss how to best respond if any sensitive information may have been exposed.