Tech Tips

  • Examples of Phishing/Scam Emails in the District

    Posted by Juancho Forlanda on 2/4/2019

    Lately we've seen email scams designed to steal your login credentials or just simply steal money from you.  Below are real examples we've seen reported.  It should help you discern the bad from the good.

    The one below is an email that makes it look like someone has taken over your account because the email looks like it came from your own account.  It is trying to scare you into paying some money through bitcoin.

    [Image: fake security notice]

     

    The one below is a spoofed email from an external email source, sent on behalf of the Superintendent.  The email claims there is an attachment you must open.  In that attachment, there is a link that will take you to what looks like a login prompt.

    [Image: spoofed email from sup]

  • 2018 Phone Quick Start Guide

    Posted by Juancho Forlanda on 10/15/2018

    You may have already received your new phone, but it didn't come with a manual.  Fortunately, it is available and you can get it here:

    Please review it so that you have a good understanding of how to quickly take advantage of the features your phone has.  If you have any questions about it, please don't hesitate to contact our helpdesk online via https://helpdesk.stocktonusd.net/ or call ext. 4357 (H-E-L-P).

  • How to Reset Your District Password

    Posted by Juancho Forlanda on 10/9/2018

    If you ever forget your password and can't log in, you'll need to either contact helpdesk or reset the password yourself.  This video explains how to do it, and it assumes you've registered for the password reset service (see this video).

  • How to Register for Self-help Password Reset Service

    Posted by Juancho Forlanda on 10/9/2018

    If you want the ability to reset your password, you'll want to register for the self-help password reset service.  This video shows you how to do it.  Once you have registered for this service, you will be able to reset your password even if you don't recall your original password by answering a couple of security questions that only you know the answer to.

  • How to Change Your District Password

    Posted by Juancho Forlanda on 10/9/2018

    Occasionally you find the need to change your password.  One scenario where this becomes necessary is if your account has been compromised--say through some phishing emails.  Watch this video.  It shows you how to change your password.

  • How to Detect Phishing Emails

    Posted by Juancho Forlanda on 9/17/2018

    Phishing emails have become very common in today's online world.  Since email is still a very common means of communication and collaboration for businesses--both private and public sectors alike--it remains a very viable means to hack people's accounts.  What is phishing?  Phishing is a play on words because it is a way to "hook" a victim into divulging their online account--be it their email, bank, social media, or online cloud account (like Google for Business or Office 365 from Microsoft).

    Whether you've been a victim of email phishing or not, you'll want to pay attention to this article.  Phishing techniques have advanced to the point that it is almost no contest between the hacker and the victim.  That's because it really has become difficult to discern a good email from a bad one.  Even if the email comes from a legitimate source, there is no guarantee the email itself is legitimate.

    With such a disheartening revelation, one might think that it is almost futile to resist phishing.  However, if you read this article, you will learn enough to avoid most phishing attempts.

    Common and Easy to Spot Phishing Emails

    This section describes the most common attributes of your "run-of-the-mill" phishing emails.  The easiest phishing emails to spot are those with the following attributes:

    • From/Reply To email inconsistent:  The source email is not from someone you know, or is from a domain that doesn't match the email domain it claims to belong to.  For example, staff receive emails from a source who claims to be from the IT department.  Our domain is stocktonusd.net, and as such we would expect the email source (REPLY TO or FROM field) to say something like support@stocktonusd.net.  However, upon close examination of the source email address, it turns out to be coming from another email domain--e.g. helpdesk@someDistrict.co.ru.
    • Many Typographical errors:  The email has many typographical errors--meaning that the email author is probably from a foreign country whose primary language isn't English.
    • Suspicious Link or attachment:  The email has a suspicious link (i.e. hover over it and the domain of the URL isn't consistent with the domain name it purports to be).  For example, the email claims to come from comcast.com, but the link goes to corncast.com.  If you don't pay attention, both domains look the same, but upon close inspection the second domain name is really spelled differently from the first--specifically the first says "c o m c a s t . c o m", while the second says "c o r n c a s t . c o m".  It is also possible that the email has an attachment that is infected, or has a benign attachment with a link that, when clicked, will take you to a phishing site where the actual phishing occurs.
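
    The header and link checks from the list above, as an added example that is not part of the original article or the District's own tooling.  The names check_email, LOOKALIKES and trusted, the reply.example domain and the sample message are assumptions constructed for illustration; the look-alike table generalizes the comcast/corncast case to a few more letter sequences.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

LOOKALIKES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"))  # assumed, not exhaustive

# Constructed sample message (not a real email); reply.example is a placeholder.
SAMPLE = """\
From: IT Department <helpdesk@someDistrict.co.ru>
Reply-To: it-desk@reply.example
Content-Type: text/html

<p>Your bill is ready: <a href="http://www.corncast.com/pay">comcast.com</a></p>
"""

def addr_domain(header):  # domain part of a From/Reply-To header, lowercased
    return parseaddr(header or "")[1].rpartition("@")[2].lower()

def under(host, domain):  # host is the domain itself or one of its subdomains
    return host == domain or host.endswith("." + domain)

def skeleton(name):  # collapse look-alike sequences to the letter they imitate
    for seq, letter in LOOKALIKES:
        name = name.replace(seq, letter)
    return name

class Hrefs(HTMLParser):  # collects the real target of every <a> element
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs.append(dict(attrs).get("href") or "")

def check_email(raw, claimed_domain, trusted=("comcast.com",)):
    msg, found = message_from_string(raw), []
    sender, reply = addr_domain(msg["From"]), addr_domain(msg["Reply-To"])
    if not under(sender, claimed_domain):
        found.append(f"From domain {sender} is not {claimed_domain}")
    if reply and reply != sender:
        found.append(f"Reply-To domain {reply} differs from From domain {sender}")
    parser = Hrefs()  # assumes the HTML part has no transfer encoding
    parser.feed("".join(p.get_payload() for p in msg.walk()
                        if p.get_content_type() == "text/html"))
    for host in ((urlparse(h).hostname or "").lower() for h in parser.hrefs):
        for good in trusted + (claimed_domain,):
            if not under(host, good) and under(skeleton(host), skeleton(good)):
                found.append(f"link host {host} imitates {good}")
    return found
```

    Calling check_email(SAMPLE, "stocktonusd.net") returns three findings: the foreign From domain, the Reply-To mismatch, and the corncast.com link.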

    In most cases, the phishing happens when you click a link and enter your login credentials.  At this point, your account is breached.  If your account is breached, change your password right away, and report the incident to the IS or IT Department.

    Latest Phishing Trends

    The previous type of phishing email is the easiest to spot.  However, the latest trends in phishing make detection tougher.  That's because the latest phishing emails are coming from legitimate email sources, like people you know whose accounts have been hacked.  How can you tell if what you received from a legitimate source is a phishing email?

    By its very nature, the Internet and the email protocols were designed to be open for ease of information exchange.  This makes it very insecure.  So in general, you can't trust anything you get in email because it can literally come from anyone.  The only way you can truly be aware of who you are getting emails from is through the use of public key infrastructure (PKI) which allows users to digitally sign their emails to prove their identity and also prove the integrity of their email content.  This is achieved through the exchange of cryptographic keys which allows both sides to secure their emails.  This is beyond the scope of this article, but needed to be mentioned for completeness.

    That said, if you receive an email from a known source, and you aren't expecting it, and the email wants you to click a link or open an attachment, you can:

    • If there is a link:  Hover your cursor over the link to see if the link looks "legit".  If you aren't sure, copy the link and submit it to virustotal.com for analysis.  That site can take URLs for analysis and, using many rules, tell you if a link is suspicious or dangerous.
    • If there is an attachment:  Don't open the attachment.  Instead download it and submit the file to virustotal.com for analysis.
    • Contact the source by phone to confirm.  The best option is to contact the source by text or phone to verify if it is legitimate.  It is also possible to contact them by email to confirm, but it is more timely to contact them by phone.

    Here's a typical flow of a successful phishing attempt resulting from a hacked source account:

    1. Email comes in from a colleague stating that the colleague has shared a document and you need to click the link to get to the document. 
    2. After clicking the link you end up on another site with another link taking you to the actual phishing site which looks like Google Docs, Microsoft Office 365, or even DocuSign.
    3. You click the link thinking that you'll get to see the document.  Instead you are asked to enter your login credentials to access the file.
    4. You enter your login name and password, but then the page says that your account or password was incorrect.
    5. You email the source and tell them that you couldn't open the shared document.
    6. The source replies with "my account has been hacked; please quarantine my emails."

    You can see above how easy it is for a hacker to acquire your account information.

    Below is an actual phishing email from a hacked source.  Source email has been blurred out for privacy reasons.

    [Image: email from hacked source]

     

     

    The next image shows what happened after the Open Document link was clicked.

    [Image: The Phishing Link]

    The image above is designed to make you think that you are on an official Office 365 sharing site, when in fact you have opened a PDF document containing the phishing link.  You can see the phishing URL by hovering the mouse cursor over the link and looking at the bottom left corner for the actual URL.

    You're a Victim... Now What?

    If you are a SUSD staff member and you believe you're a phishing scam victim, take these actions immediately:

    1. Change your computer password
    2. Forward the suspected phishing email to abuse@stocktonusd.net
    3. Report the incident to the helpdesk at https://helpdesk.stocktonusd.net or call ext. 4357.

    The Take Away

    Currently, there is no technology that can protect us 100% from the perils of email phishing.  It all comes down to us, the users, as the last line of defense.  Pay attention to the tips above, and you can save yourself a ton of headaches from the effects of a phishing breach.  If for any reason you become a victim, please take action as noted in the previous section.

     

  • Key Tech Tips for 2018-19

    Posted by Juancho Forlanda on 8/2/2018

    Phishing & Scam Emails 

    Lately, the district has been on the receiving end of some sophisticated phishing or scam emails.  If you are unsure or suspicious about an email you received:

    • Do forward it to abuse@stocktonusd.net.
    • Don't open any attachments
    • Don't click any links

    If you were not able to do the above, and believe your computer has been compromised, turn off your computer and contact helpdesk.

    Data Privacy & Security

    As a school district employee, your position may require you to handle various types of information, including FERPA/HIPAA protected data, PII (personally identifiable information), or any confidential information that is not for general public consumption.  As such, it is imperative that you exercise great caution when handling such information.  Some precautionary/preventative measures include:

    • Use Trusted & Secured Communications.  Use the official email system based on the stocktonusd.net email address, and when you need to send protected information to an authorized 3rd party, use secured means to send such data.  If you're not sure how to do that, don't hesitate to contact helpdesk.
    • Always Lock Your Computer.  Before you leave your computer unattended for any reason, press the Windows key simultaneously with the L key.  This will lock your computer--meaning that you will have to log in again to get back to your desktop.

    Office 365:  Five (5) Free Licenses for Home Use

    Did you know that as an employee or student of SUSD, you have access to 5 licenses of Office 365 for personal/home use?  These 5 licenses can be installed on your smartphone, tablet, or home computer.  To access your licenses, simply visit https://portal.office.com/ and login with your SUSD email and password.  From there you will see a link to "Install Office apps".  If you have any questions about this, don't hesitate to ask.

  • How to Use the Boardroom Presentation Technology

    Posted by Juancho Forlanda on 12/27/2017 3:00:00 PM

    This video will show you how to use the presentation/display technology in the boardroom at the District Office.

    Boardroom Presentation Tech Training

  • Synergy Desk Reference

    Posted by Juancho Forlanda on 8/4/2017

    If you use Synergy, this Synergy desk reference (or short link:  https://goo.gl/Y72HfS) should come in handy.

    If you have any questions about it or are in need of technical support with Synergy, don't hesitate to contact helpdesk at http://helpdesk/ or call ext. 4357.

  • Basic Tech Tips

    Posted by Juancho Forlanda on 8/2/2017

    Welcome back to school everyone!  

    Please take a moment to review the tips below to help ease you back into the system should you need it.  The items are listed in the order you or those in your office will most likely need them. 

    1. Computer/email password.  If you know of someone having computer or email login issues, one way to get this corrected is to use our password reset service.  The link to it is located on the bottom left corner of the Stockton Unified School District (SUSD) web site home page.   Specifically, the link says "forgot password?".  You can also use this link: 
       
            https://www.stocktonusd.net/password 

      This service will only work if you've already enrolled in it.  It will ask you three questions which only you know the answers.  If you haven't enrolled yet, now is a good time to start.  This way you aren't waiting on us to reset your password.  Simply visit that link and login, then click the Enrollment tab to begin the process.  You can access this service both inside and outside the SUSD network. 

      If you aren’t enrolled and you can’t log in, call helpdesk at ext. 4357 to have your password reset.
       
    2. Phones.  During the summer, many phones get disconnected.  You can wait for your tech to help reconnect it, or you can reconnect it yourself with the help of this video (https://youtu.be/Jjpo4yLqmOU) which shows you exactly how to connect a phone to the network and to your computer.
       
    3. Phone Extension/Voice Mail.  If there are changes that need to be made to phones, including reassignment of phones, setting up voicemail, and enabling long distance capabilities, have your administrator send a request via email to VoIPRequest@stocktonusd.net with the details of changes needed.
       
    4. Student Windows Login Account Issues.  If you are a teacher or school administration staff, and you have one or more students who cannot log in or are having login issues on their Windows computer, please send an email to studentAccountsDL@stocktonusd.net and provide the following information:
      • School name
      • Full name of student
      • Student's ID number
      • Student's date of birth
         
    5. All Other Tech Issues.  Experiencing WIFI connection, Synergy, computer hardware, virus/ransomware infection, or any other technical issues?  Please contact us.  Even if you aren't 100% sure, contact us, and we'll figure it out.  The best bet for contacting us is by logging a service request at http://helpdesk/ (or call ext. 4357).  If we can't help you, we can certainly refer you to the right team who can.  Try to resist that urge to simply email that special technical contact—log a service request.
       
    6. Technology Orientation Video.  If you are new to the District, please take a moment to view this less than 2-minute technology orientation video (https://youtu.be/xTtx-bOPePc).  It will help give you a sense of the technology landscape in the District and show you how to get technical help should you need it.

    Important Reminders: 

    • Privacy/Confidentiality of Student Information.  The privacy of our student personally identifiable information (PII) is of paramount importance to the District.  We are required by law (under FERPA) to protect our students' PII.  The same is true for their medical/health information.  HIPAA is the federal law mandating such protection.  Watch these very short videos to help you understand these subject matters: 
    • Official District Email Domain.  The official email domain for District administration/operations communications is stocktonusd.net.  Please keep this in mind when sending emails.  Some people prefer using certain email services and auto-forward their District emails there.  Please refrain from doing this as you could inadvertently cause a breach of student or staff confidential information.  Remember, email is not   Once it leaves our domain, it becomes exposed to the "wild west" that is the Internet. 
       
    • Dealing with SPAM and Phishing Email.  Although we use a SPAM/phishing and malware filter on our email, some still get through.  That's because there is no 100% solution, as the scammers are always ahead of the spam filter/antimalware vendors.  With that, if you see SPAM/phishing email, send it as an attachment to abuseDL@stocktonusd.net.  In the subject heading of your email, put "Possible spam/phishing email."

     
