Don’t take the Bait: A Guide to Phishing and How to Protect Your Inbox

We receive countless emails daily from a variety of sources. But how can you tell if an email is genuine or if it's trying to deceive you? Malware​, phishing, and cyber attack attempts on the Highline network have increased significantly and are expected to increase for the foreseeable future. 

It's now more crucial than ever to understand the dangers of phishing. Cyber attacks can disrupt education services, causing significant disruptions and financial costs that impact everyone in the district.

What is a Phish?

Phishing, aptly named as it "fishes" for unsuspecting victims, is a technique where cybercriminals lure individuals into opening malicious links or attachments that can compromise personal data or infect electronic devices. These schemes can be challenging to identify. It is essential to exercise caution when interacting with emails, links or attachments. 

What They Look Like 

Phishing messages, often called "bait," come in the form of emails, social media messages, texts, or even phone calls. These messages are designed to appear trustworthy. 

There is no perfect formula for detecting a phishing scam. Here are some things to look out for: 

• Pay extra attention to emails from outside the organization. They come with a message on the top: “CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.”
• Check the sender's email address: Phishing emails often use fake email addresses that look similar to legitimate ones. (e.g., highlineschoolsgmail.com)
• Think before you click: Be wary of clicking links or downloading attachments from unknown or suspicious sources. If the email looks suspicious, think twice before clicking on a link or a download. Clicking links is the most significant risk to data security.
• Phishing emails often contain urgent or alarming language; many are often poorly written with spelling errors or unusual language.
• If the email requests sensitive information, phone to confirm the request--especially if you are pressured to act quickly. Don't call a number from the email; look up the number yourself. 
• If you believe the email is spam or phishing, mark it as phishing to let our security specialists know.

How To Report Phishing

The Microsoft Outlook Report Feature automatically forwards suspicious emails to Highline and Microsoft’s Security Engineers. 

When on Outlook on the web or with the new version of the Outlook application: 

1. Find and click on the "Report" button, usually located near the top or within the email options. 
2. From the dropdown menu that appears after clicking the "Report" button, select the "Report phishing" option. 
3. A pop-up or confirmation window will appear, asking if you're sure about reporting the email as phishing. Click "OK " to proceed.

Unsure if it’s a Phish? 

1. Exercise caution - Do not click or download anything.
2. Report - Utilize the Microsoft Outlook Report Feature. 
3. Reach out - Contact the Service Desk.   

Service Desk Contact

• 206-631-7676
• servicedesk@highlineschools.incidentiq.com
• highlineschools.incidentiq.com

All staff must do their part in protecting our data. Everyone plays a role in maintaining cybersecurity. It is important for all staff to be aware of potential threats and take appropriate actions to prevent them.