Weston students victims of phishing emails
WESTON — Hackers have targeted Weston students in a recent phishing scheme.
Craig Tunks, director of digital learning and technology, said high school administration recently notified the technology department that a few students received emails indicating their accounts had been hacked.
“In actuality, this was not the case but instead, they were examples of phishing attempts,” Tunks said.
To ensure families were made aware of this incident, Tunks sent a notice to families and staff on Monday.
“The hacker email may contain messages saying they have obtained access to your account and are demanding money to ensure that you do not lose access,” he wrote in the letter. “This is an attempt to exploit information or money through this threat.”
Tunks said the phishing email may contain messages asking if the recipient is available or on campus. If the respondent engages the email, he said they may indicate they are in a meeting or have an emergency and request for iTunes gift cards to be sent.
The emails also may contain messages stating hackers obtained access to the person’s account and are demanding money to ensure they do not lose access.
“These are phishing messages attempting to gain confidence through the apparent sender’s name or threats. Do not engage any of these messages,” Tunks wrote.
Staff, students and parents are asked to pay close attention to email addresses attached to these emails to verify they are correct. The community is asked not to respond if the name is familiar, but the email address is not in the correct format.
At no time should an administrator or colleague request personal information or purchases via email and without context, Tunks added.
“As a general rule of thumb, if your intuition is picking up on something not being quite right, you should call or email the help-desk before responding,” he said.
If anyone receives a concerning message, they are asked to forward it to firstname.lastname@example.org. After forwarding the email the recipient can indicate it as spam through Google. Both staff and students are encouraged to change their passwords regularly.
“We continue to invest in and refine our phishing and virus protection software both on our machines — servers and desktops and on our firewalls,” Tunks said.
When a new attack breaches those defenses, he noted the schools take steps to block the sender, shun any URLS sent and attempt to remove the item from inboxes.
“However, we will not be able to block all attacks, so the best defense is an informed user community,” Tunks said.