Phishing may sound like fun, but it’s not. Phishing emails are targeted toward a specific individual or a small group using personal details and contain a link or an attachment to initiate a cyberattack. The email will look harmless. For example, it could look like an email sent from DoT with a request and an attachment that we are asking you to open. But it may not be from us.
So how do you know the safe emails from the scary ones? A little skepticism will go a long way in protecting yourself from phishing attacks. Ask yourself:
- Does the email seem off or unlike something you would normally get from the sender?
- Is email address correct (look for slight differences). If it’s an internal SFUSD sender, does it include their picture and contact info?
- If it does seem off, send a new email--using the email forward function--to the supposed sender at the email address you usually use to contact them to confirm the suspicious email was from them. Don’t hit reply, as you could be replying to the cyber-attacker.
- You can also forward it to the DoT Help Desk by emailing: firstname.lastname@example.org
If you think you have been the target of a phishing attack, let us know; we’re here to help! Please reach out to the DoT Help Desk by emailing email@example.com so that we can make sure the security of your computer and SFUSD systems hasn’t been compromised.