You May’ve Been Phished Recently

Posted by Emil Ahangarzadeh on 2/6/2017

And we were doing so well! As you should all know by now, the TIS department conducts cybersecurity assessments from time to time by sending out phishes. It’s all part of our Securing the Human initiative wherein we are working toward creating a safer, more secure environment for our students and employees when it comes to digital network use and digital devices.

In our most recent assessment, 13% of employees that opened the suspicious email took action on the email (i.e. they clicked a link that could’ve downloaded malware or compromised our secure data). That’s up from just over 1% last month!

Admittedly, we are ratcheting up the sophistication of the phishes because we want to strengthen our defenses. So let’s take a look the email and analyze it for clues.
email analysis


1. If the message is from a district employee named “Lucienda Gomez”, it’s more likely that the email address would’ve come from the @sausd.us domain instead of the G Suite domain we use to communicate with students.

2. If you hovered over the link, you would see in the lower left corner of your browser that the link directs to http://support.sphotos-fbcdn.com/86a9e4a5e5?l=9 . This is suspicious inasmuch as the text of the link in the message purports to send you to what would reasonably be a page on our website. But the domain being directed to has nothing to do with our sausd.us domain. These are two points that should heighten your level of suspicion.

At the very least, you can pick up the phone and call Building Services to see if someone from that department actually sent this message. Or, you can forward this email to tislearns@sausd.us and have us take a look at it for you.

Mistakes can happen to all of us. We want to encourage you to stay vigilant and put up your shield when it comes to email—both in your professional life AND your personal one.

For more information, contact the Help Desk at (714) 480-4741.