Phishing Alert: How Teachers Can Spot and Stop Malicious Emails

Overview

Phishing is a deceptive cyberattack where criminals masquerade as trusted sources (colleagues, IT, parents, or vendors) to trick you into revealing login credentials or downloading malware. Because educators handle confidential student data (FERPA-protected information), their accounts are prime targets.

Your Phishing Checklist: 5 Red Flags to Watch For

Always pause and inspect any email against this checklist, especially those asking you to log in, click a link, or open a file.

1. Look Closer at the Sender

Wrong Email Address: The displayed name looks correct (e.g., "Principal Smith"), but the actual email address is wrong. Check the full address for misspellings or public domains (e.g., principa1smith@gmail.com instead of @psd1.org).
Impersonating Leadership/Parents: Be suspicious of unexpected, unusual, or urgent requests from high-level executives (Superintendent, HR) or a parent you don't recognize.

2. Sense of Panic or Urgency

Threats: The email warns that something bad will happen immediately if you don't act (e.g., "Your email account will be locked in 30 minutes," or "Failure to update this invoice will stop payroll").
Impulsive Requests: This tactic aims to force you to act quickly before you can think critically about the email's legitimacy.

3. Poor Quality Content

Spelling & Grammar: Official district communications are professionally reviewed. Phishing emails often contain obvious typos, awkward phrasing, or inconsistent formatting.
Generic Greetings: The email uses vague language like "Dear Educator" or "Valued Customer" instead of addressing you by your actual name.

4. Requests for Credentials or Confidential Data

Password Requests: IT will NEVER ask for your password via email. Any email link that takes you to a login page must be treated with extreme caution.
Unexpected Attachments: Be wary of unexpected attachments (like "invoices" or "updated rosters"), especially those from unknown senders or with dangerous file types like .zip or .exe.

5. Mismatched Links (The Most Critical Step)

Hover and Verify: The text of a link may say one thing, but the destination URL is something entirely different.

ACTION: On a desktop, hover your mouse over the link without clicking. The true URL will appear in the corner of your screen. If the URL looks suspicious, misspelled, or unrelated to the site it claims to be, DO NOT CLICK.

Immediate Action: Report and Delete

If you identify an email as a possible phishing attempt, follow these steps to protect yourself and the district's systems:

DO NOT Click the link, reply, or open the attachment.
Report It: Use the designated Report Phish button in your email client, or forward the suspicious email as an attachment to helpdesk@psd1.org.
Delete the email from your inbox immediately.

If you are unsure if a request is legitimate, verify it through a known, trusted channel (e.g., call the sender using a published phone number or contact the Helpdesk directly).