Phishing Detection and Remediation

What is Phishing?

Phishing is a type of fraud where a scammer tricks you into revealing personal, financial, or confidential information by posing as a trusted entity. These scams often urge you to act immediately by clicking a link or opening an attachment that looks official (with logos or familiar branding). Although phishing usually comes by email, it can also arrive via text message (SMShing) or phone call (Vishing).

Warning Signs of Phishing Attempts

1. Unexpected messages asking you to update, confirm, or reveal sensitive information (e.g., Social Security number, account numbers, NetID, passwords, health info).
2. Urgent language pressuring you to act immediately.
3. Unusual or mismatched “From” or “Reply-To” addresses — even familiar addresses can be compromised.
4. Links that do not match the organization they claim to represent (e.g., https://reedsport.k12.or.us vs https://reedsport.k12.or.us.cc).
5. Grammatical errors or awkward phrasing.

What to Do if You Receive a Suspicious Email

1. Verify with the sender by contacting them directly (do not use contact info in the suspicious email).
2. Do not open attachments or click links until you confirm legitimacy.
3. Do not forward questionable emails to others asking for their opinion.
4. Hover over links to check the true destination before clicking.
5. Configure your email client to block images from loading automatically (phishing emails can hide malicious code in images).
6. Be aware that sophisticated phishing attempts may be personalized with your name or details.

How to Report Phishing

If you receive a phishing email in Outlook, use the Report Phish button on the toolbar/ribbon. This will send the message to both the Reedsport Schools IT Department (RSITD) and Microsoft for review.

For more details, see: Microsoft 365 – Report Suspicious Message