Online Safety Tips
- Read and respect the Acceptable Use Policies (provided yearly in the student handbooks, and available online in the board policy pages).
- Always keep your own backups of important files (Google Drive and other cloud-based storage work well for this purpose; storing critical files on a Chromebook or Windows desktop is not recommended).
- Know how to spot fake emails (phishing attempts) that seek to harm your computer, and those connected to it.
What is phishing?
Phishing, in simplest terms, is a social engineering attempt to make a person give up personal, confidential, or financial information. A typical attempt alerts the target to an issue of some sort, such as a compromised bank account or online account, and the message will have an urgent tone. While modern anti-spam protection in Gmail, Outlook, and other email systems is quite good, no filter is perfect. Occasionally a phishing message will slip through into your inbox, so let’s look at six quick ways to identify such messages and some basic rules to handle and avoid them.
6 Quick Clues to Identify Email and Phone Scams
- Messages that Ask for Personal Information: Any email, text, or voicemail that asks you to provide personal information, or reports that your account has been compromised, should be viewed with high suspicion. These types of messages are especially dubious if they seem to come from a bank, the IRS, or other government agency.
- Messages with Addresses or Phone Numbers that Do Not Match: In spoofing emails, the URL shown in the email and the URL that displays when you hover over the link are likely different from one another or redirect to another country. A message can seemingly be sent from an internal address (@clps.org, @go2clps.org), but the return, reply-to, or source addresses can be different. Additionally, the “From” address can be an imitation of a legitimate address, especially from a business – for example: @appleid.com instead of the correct @apple.com. Links in a spoof email will not link back to the company. Hovering over the link will reveal a different address. For a phone call, the return call number left on a voice message may not match anything listed on a company’s website.
- Messages with Poor Formatting: With spoof emails, the formatting and design are typically different from what you usually receive from an organization. Maybe the logo looks a little off, or the buttons and links to click are different or the wrong color. There may be strange paragraph breaks, extra spaces between words, grammar errors, and misspellings. If anything in the message is poorly written, take a closer look, and treat it with caution.
- Messages Designed to Cause Panic: A phishing email almost always sounds desperate. The email may claim that your account has been compromised and the only way to verify it is to follow a provided link and enter your login details. Alternatively, the email might state that your account will be closed if you do not act immediately.
- Links to Follow Do Not Match or are Not Secure: If you hover over a link in an email, the link should match the address text. The web link should also be to a secure page starting with “https” and not “http” (that “s” is important). If you do go ahead and click on the link of an email to fill out personal information, be sure the addresses match and that you see the “https” abbreviation as well as the lock symbol at the beginning of the URL. If not, that means any data you submit is not encrypted and could be viewable by cybercriminals.
- Messages that Contain Suspicious Attachments: If the email contains attachments from unknown sources that you were not expecting, do not open them, plain and simple. They might contain viruses or other malware that could infect your system.
3 Quick Tips for Handling Suspicious Calls and Emails
If any of the “6 Clues” point to the message being suspicious, always remember the following:
- Use Direct Web Addresses to Verify. Never use links in a suspicious email to check to see if your accounts are safe. Navigate to, or contact, the company being referenced directly via their official website address (or number listed on it). In the case of a bank, the number on the back of your card is typically the best option to check for fraud.
- Report Spam …to Google (or your email vendor). As mentioned, no spam filter is perfect. If a suspicious message makes it through, mark it as such. In the message itself, make sure to click the "Report spam" button (the little stop sign with the exclamation point). Clicking on this will help Google's filtering algorithms learn the patterns of these scammers, keep these out of your Inbox, and send them to the Spam folder in the future. Side note: in your “Spam” folder you can select legitimate messages as “Not Spam” if they were tagged incorrectly.
- When in Doubt, Throw It Out (Delete It). Yes, spam and phishing attempts are annoying, but the best course of action is just to delete and ignore most of these messages. Until the FCC decides to legitimately do something about spam and robocalling, junk email and cold calls will continue to be a part of everyday life. It is probably best to ignore, move on, and to not let it ruin your day.
3 Quick Tips to Keep Your Accounts Safe
- Use a Strong Unique Password that has at least 10-12 characters using mixed (upper and lower) case letters, numbers, and symbols. Avoid using the same password across multiple sites. Using unique passwords can be tough, because when you come up with a good one that you can remember, you may want to use it all the time. However, if one account is hacked, it opens the door to additional accounts that use the same login.
- Use Two-Factor Authentication. If any of the online accounts and websites you use support it, two-factor logins are an additional line of defense against scammers. Two-factor requires a second step to log in to a website – typically via a texted or emailed code – but is well worth the effort due to the safety it provides. Despite the minor annoyance of having to wait for the code, two-factor authentication can be an important tool to keep your critical accounts safe.
- Change the Default or Temporary Password. If a system lets you, change the default or temporary password to something stronger. (See Quick Tip #1.)
Internet Safety Resources:
- NCA’s Stay Safe Online website: http://staysafeonline.org
- NetSmartz: https://www.missingkids.org/NetSmartz/home
- Common Sense Media:
  - For Educators: https://www.commonsense.org/education
  - For Parents: https://www.commonsensemedia.org/parents-ultimate-guides