PUSD Tech Director, Stephanie Griffin has to deal with a different form of scams, and sometimes she’s the one doing the scamming.
“I’ve sent [emails] out, I’ve used a system to lure and see which staff [respond] and it’s not a gacha. They are directed to education,” said Griffin.
What Griffin does is called” phishing” According to the FTC’s Website, phishing involves sending messages disguised as a reputable source like a bank or internet service provider with the intent of gathering sensitive personal information like usernames, passwords, addresses and IDs. The message might ask for such data to reset a password or verify entry, but in reality, it’s just looking to harvest information. The administration has had a few close calls involving phishing.
“The business services has gotten emails saying they were from Randy Booker, who used to be the superintendent, writing to someone saying, ‘hey, I need to get a copy of all the employees W9’s can you send them to me?’And all those W9’s would have names, birthdays, and socials. Someone had to look, really, really close and see that it really wasn’t Randy sending it.” According to Griffin, staff get emails like this multiple times a year, but so far no data has been stolen. But threats to school cybersecurity can come from other places too.
“We got a call on the day before Thanksgiving in 2021 from the FBI, saying that an unknown cyber criminal had been scanning some ports on our network. So inside our network we have only local numbers. We have some public facing IP addresses. And that might go into certain servers or allow the internet to get in and things like that. Those sorts of times are really popular times for schools to get attacked during Thanksgiving or winter break, because people are not necessarily working. So we’ve had two kinds of Thanksgiving scares similar to that.”
According to Griffin, the issue was resolved and any of the IP’s scanned couldn’t be used to harvest more information and other forms of data are stored using layers of encryption. Each school uses its own wifi networks for added security, and the district employs VLAN technology to limit the spread of malware.
When it comes to information online, remember that all data has to go somewhere and that it will stay there regardless of what you do. Always make sure that what you post or send is something you’re ok with others seeing, even if what you send is supposed to remain private. A bit of skepticism is healthy so always remain on guard for people who might not be who they seem. It’s always better to be safe than to be sorry.