Concord Academy

Suspicious Email Message Guide

About this document

If you need help, stop now and contact us for support!  (tech_support@concordacademy.org or 978-402-2297)

This document seeks to help you understand what phishing is and what to do about it. This is a “living” document. We will attempt to keep it up to date as technology changes and to further clarify the instructions.

Identifying and Recovering from a phishing “attack”

First and foremost: these attacks are insidious. It is very easy to fall for one, even if you are the most conscientious person in the world. What makes all the difference is how quickly and thoroughly you respond once you discover the fraud.

Email security

First, determine whether your email account has been compromised and, if so, take back control of it:

1. Go to your Gmail inbox and open Settings: click the gear icon at the top right and choose “Settings”.

2. Scroll to the bottom of the inbox page and click the “Details” link next to “Last account activity”.

[Screenshot: details.png]

3. In the window that opens, review the list of recent sessions (access type, location or IP address, and date/time). If any session or location is one you do not recognize, click “Sign out all other web sessions” and contact tech_support@concordacademy.org to change your password immediately. Signing out other sessions alone is not enough: anyone who knows your password can simply sign back in, so the password must be changed as well.


4. Next, click “Forwarding and POP/IMAP” in your settings. If your account has been compromised, the attacker may have set it to forward copies of all new email to an address they control. While you are on this tab, also check whether POP or IMAP access is enabled: if you do not use a mail program that needs it, turn it off, because an attacker who has your password can read your mail through those protocols without ever opening the Gmail website.

5. At the top, in the “Forwarding” section, remove any forwarding address you do not recognize and select “Disable forwarding”.


6. Click “Filters and Blocked Addresses”. People in your address book may be emailing you to warn you that your account has been compromised; the attacker may have set up filters that delete or archive those warnings so that you never see them.

If you see filters you did not create, especially ones that delete, archive, mark as read, or forward messages, your account has very likely been compromised. Note what each one does (a screenshot helps the support team), then delete them.


7. Once you have followed these steps, please email tech_support@concordacademy.org to make an appointment to change your password and go through Google’s Security Checkup (which reviews signed-in devices, recovery options, and third-party apps with access to your account, and prompts you to turn on 2-Step Verification).
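If you are checking more than one mailbox (the support team, for example), the checks in steps 3 to 6 can also be run over exported settings instead of clicking through each account. The script below is an added example and is not part of this guide or of Google’s software: it assumes the settings were pulled from the Gmail API (users.settings.getAutoForwarding, users.settings.forwardingAddresses.list and users.settings.filters.list) and mirrors those resources’ field names, which is an assumption to verify against the API reference. The sample settings are constructed to look like what an attacker typically leaves behind.

```python
"""Flag account-takeover leftovers: external auto-forwarding, unknown
forwarding addresses, and filters that hide or copy mail.

Added example, not part of the Concord Academy guide.  The dictionary
shapes mirror the Gmail API settings resources (an assumption about
field names); the sample data below is constructed.
"""

TRUSTED_DOMAINS = {"concordacademy.org"}
# Words a friend's warning email is likely to contain.
WARNING_WORDS = ("hacked", "compromised", "suspicious", "phish", "scam", "password")
# Labels an attacker adds to make a message vanish from the inbox.
HIDING_LABELS = {"TRASH", "SPAM"}

# Constructed sample: settings as an attacker typically leaves them.
SAMPLE_SETTINGS = {
    "owner": "jsmith@concordacademy.org",
    # users.settings.getAutoForwarding
    "autoForwarding": {"enabled": True, "emailAddress": "drop-box@example.net",
                       "disposition": "archive"},
    # users.settings.forwardingAddresses.list
    "forwardingAddresses": [
        {"forwardingEmail": "drop-box@example.net", "verificationStatus": "accepted"},
    ],
    # users.settings.filters.list
    "filters": [
        # Buries the warnings friends send back to the victim.
        {"id": "filter-1",
         "criteria": {"query": "hacked OR compromised OR suspicious"},
         "action": {"removeLabelIds": ["INBOX", "UNREAD"], "addLabelIds": ["TRASH"]}},
        # Quietly copies anything about invoices to the attacker.
        {"id": "filter-2",
         "criteria": {"subject": "invoice"},
         "action": {"forward": "drop-box@example.net"}},
        # A legitimate filter the owner created.
        {"id": "filter-3",
         "criteria": {"from": "newsletter@example.org"},
         "action": {"addLabelIds": ["Label_12"]}},
    ],
}


def domain_of(address):
    """Lower-cased domain part of an email address ('' if there is none)."""
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""


def is_external(address, trusted=TRUSTED_DOMAINS):
    """True when the address is outside the organisation's own domains."""
    return domain_of(address) not in trusted


def triage(settings, trusted=TRUSTED_DOMAINS):
    """Return (kind, identifier, reason) tuples for every suspicious setting."""
    findings = []

    auto = settings.get("autoForwarding", {})
    target = auto.get("emailAddress", "")
    if auto.get("enabled") and target and is_external(target, trusted):
        findings.append(("auto-forwarding", target,
                         "all new mail is forwarded to an external address"))

    for entry in settings.get("forwardingAddresses", []):
        addr = entry.get("forwardingEmail", "")
        if addr and is_external(addr, trusted):
            findings.append(("forwarding-address", addr,
                             "external forwarding address registered on the account"))

    for flt in settings.get("filters", []):
        criteria = flt.get("criteria", {})
        action = flt.get("action", {})
        # Everything the filter matches on, flattened into one searchable string.
        match_text = " ".join(str(v) for v in criteria.values()).lower()
        hides = (bool(HIDING_LABELS & set(action.get("addLabelIds", [])))
                 or "INBOX" in action.get("removeLabelIds", []))
        if hides and any(word in match_text for word in WARNING_WORDS):
            findings.append(("filter", flt["id"],
                             "hides incoming mail that mentions a compromise"))
        fwd = action.get("forward", "")
        if fwd and is_external(fwd, trusted):
            findings.append(("filter", flt["id"],
                             f"forwards matching mail to external address {fwd}"))
    return findings


if __name__ == "__main__":
    for kind, ident, reason in triage(SAMPLE_SETTINGS):
        print(f"[{kind}] {ident}: {reason}")
```

The three filters in the sample show the two patterns worth looking for: a filter that trashes or archives mail matching words like “hacked” or “compromised” (hiding the warnings step 6 describes), and a filter that forwards matching mail outside the organisation (a quieter alternative to account-wide forwarding that step 5 alone would miss). Anything the script flags should still be confirmed by a person before it is deleted.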

General guidelines if you think any of your accounts have been compromised

Start by working out exactly what was exposed, because that decides who you need to call. Ask yourself:

  • Was your email account taken over?

  • Did you give out a credit card number?

  • Did you give out banking information?

  • Did you wire money?

Other accounts

  • If you used this particular password on any other sites, change those passwords immediately as well, including other email accounts, bank accounts, etc. (See the “Personal Information Security” section below.)

  • Contact friends, family, and associates in your address book, let them know that your account was compromised, and tell them to ignore any unusual requests for money or personal information that appear to come from you.

  • If you have any questions or concerns, contact us!

Personal Information Security

If you feel any other personal information may have been compromised:

  • Bank accounts - Contact your bank immediately. They should have a process in place to secure your accounts.

  • Credit Cards - Call the issuer immediately. They will be able to lock the card and issue you a new one. Ask them about removing any fraudulent charges.

  • Web Accounts - This one is more complex.

    • Change all passwords immediately.

    • If you use the same password for different sites, make sure to change it everywhere and use different passwords for each site.

    • There are many password managers out there to keep your passwords organized. (We recommend Dashlane. It syncs between desktop, Android and iOS devices.)

What is “phishing?”

Phishing is the practice of defrauding people of passwords, financial details or money by posing as a legitimate company or person. It often involves a replica of a real website (a fake login page, for example) that records whatever the victim types into it.

Anatomy of an Attack

It is usually done through email, although phone calls and text messages are also common. The email may come from the real account of someone you trust (because that account has itself been compromised), or from a spoofed (fake) sender address made to look like a legitimate institution. The fake IRS and “Windows Technical Support” calls going around are the telephone version of the same trick.

The common denominator is that a phishing attack tries to convince you, of your own free will, to open an attachment, click a link to a fake login page, or send personal or financial information. Urgency (“your account will be suspended in 24 hours”) is the usual lever.
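A spoofed sender leaves traces in the message headers that the visible “From” name hides. The script below is an added example, not part of this guide: it parses a raw message with Python’s standard email library and flags a display name that claims the school while the address is elsewhere, Reply-To or Return-Path domains that differ from the From domain, and SPF, DKIM or DMARC results other than “pass” in the Authentication-Results header (RFC 8601 format, as Gmail writes it). Both messages are constructed samples; only the school’s domain comes from this page.

```python
"""Check a raw email's headers for the spoofing signs described above.

Added example, not part of the Concord Academy guide.  The two messages
are constructed samples; the Authentication-Results line follows the
RFC 8601 syntax that receiving mail servers such as Gmail write.
"""
import re
from email import policy
from email.parser import BytesParser
from email.utils import parseaddr

EXPECTED_DOMAIN = "concordacademy.org"

# Constructed sample: the display name says "Concord Academy", but the
# real address, bounce address and authentication results all point elsewhere.
SAMPLE_PHISH = b"""Return-Path: <bounce@mail-relay.example.net>
Authentication-Results: mx.google.com; spf=fail smtp.mailfrom=mail-relay.example.net; dkim=none
From: "Concord Academy Tech Support" <tech.support.concord@example.com>
Reply-To: <helpdesk-verify@example.net>
To: <jsmith@concordacademy.org>
Subject: Your mailbox will be suspended - verify now

Click here to verify your password within 24 hours.
"""

# Constructed sample: what a genuine message from the school looks like.
SAMPLE_LEGIT = b"""Return-Path: <tech_support@concordacademy.org>
Authentication-Results: mx.google.com; spf=pass smtp.mailfrom=concordacademy.org; dkim=pass header.d=concordacademy.org; dmarc=pass header.from=concordacademy.org
From: "Concord Academy Tech Support" <tech_support@concordacademy.org>
To: <jsmith@concordacademy.org>
Subject: Reminder: password review appointment

See you Tuesday at 10.
"""


def domain_of(address):
    """Lower-cased domain part of an email address ('' if there is none)."""
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""


def parse_auth_results(value):
    """Pull method=result pairs (spf=fail, dkim=pass, ...) out of an
    Authentication-Results header value."""
    return {m.lower(): r.lower()
            for m, r in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", value or "")}


def check_headers(raw, expected_domain=EXPECTED_DOMAIN):
    """Return (check, detail) tuples for each spoofing sign found; [] if clean."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    findings = []

    display, from_addr = parseaddr(str(msg.get("From", "")))
    from_domain = domain_of(from_addr)

    # 1. Display name drops the organisation's name, address is somewhere else.
    org_name = expected_domain.split(".")[0]
    if org_name in display.lower().replace(" ", "") and from_domain != expected_domain:
        findings.append(("display-name", f"'{display}' but address is {from_addr}"))

    # 2. Replies or bounces go to a different domain than the visible sender.
    for header in ("Reply-To", "Return-Path"):
        _, addr = parseaddr(str(msg.get(header, "")))
        if addr and domain_of(addr) != from_domain:
            findings.append((header.lower(), f"{addr} does not match From domain {from_domain}"))

    # 3. The receiving server's own verdict on the sender.
    auth = parse_auth_results(str(msg.get("Authentication-Results", "")))
    for method in ("spf", "dkim", "dmarc"):
        result = auth.get(method, "missing")
        if result != "pass":
            findings.append((method, result))
    return findings


if __name__ == "__main__":
    for name, raw in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        print(name, check_headers(raw) or "no spoofing signs")
```

In Gmail, the raw headers are under the message’s three-dot menu, “Show original”, which also summarises the SPF, DKIM and DMARC results at the top of the page. A flagged result is a reason to verify by phone, not proof of fraud: legitimate mail sent through a third-party mailing service often has a different Return-Path, and a message from a trusted person’s compromised account passes all three checks.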

Prevention

  • If you get an email from a financial institution asking you to access an account, call the institution on a number you obtained independently (from the back of your card or the institution’s own website), not one from the email, to verify the request. We say this because some phishers put a false phone number in the email, hoping people will call it rather than the correct one. Calling also has the benefit of alerting the institution to the problem quickly.

  • If you get an email from a coworker asking for account or personal information, call that coworker to confirm he or she sent the email. Again, this can be an early warning of an attack. If you cannot reach him or her, speak to his or her supervisor. If this kind of request happens frequently, set up an in-house procedure to verify the identity of the requester.

  • If you get an email from a friend or family member requesting money, attempt to contact them by other means.  (For example, the author received an email from her mother, requesting money to bail her out of jail in Ukraine. This was not quite as unbelievable as you may think, which means the attackers knew a great deal about the victim.)

Password guidelines

  • DO NOT USE A SINGLE WORD, NAME, OR COMMON PHRASE

  • Use at least 8 characters; longer is better, and a passphrase of several unrelated words is both stronger and easier to remember

  • Include punctuation, letters, spaces and numbers

  • Use a password “wallet” or management system (such as Dashlane or Zoho Vault)

  • Change your passwords on a regular basis, and immediately if you suspect one has been exposed