Center Point ISD

‘Tis the season to shop, and of course be jolly! Awesome deals seem to be everywhere on the latest toy, the next generation of electronic devices, or a week long trip to Hawaii, from where we can wish those at home stateside ‘Mele Kalikimaka.’ Any one of these things would be the perfect gift(s) for others on our shopping list or ourselves.

Around this time of the year, probably more than ever, malicious cyber actors attempt to ‘Phish shoppers a Merry Christmas.’ Whether they hack into merchants’ websites, or send out phishing emails, stocked full of luring deals, or questions about your account, these actors never stop at getting information from you with the simple click of a link or a reply. If you receive an email, or even a text message, from a “legitimate” business or representative requesting payment information, payment updates, or other personal information, Do Not Reply OR click the link to go to their website (which is often well designed to mimic a legitimate business website).

Their messages, most of the time, seem innocent. And other times, their messages try to frighten you into immediately acting to secure your account or divulge information to them. Key ways to identify a phishing email include:

• The sender’s email address looks right, BUT it contains extra characters and/or misspellings;
• Misspellings and/or use of bad grammar within either the Subject Line or anywhere in the message body;
• Addresses you with generic terms such as “Mr.”, “Ms.”, or “Dear Customer”, instead of by your name;
• The message warns that if you do not take immediate action by clicking on the link and entering personal details and/or payment information then you will ‘lose out’;
• Flat out extortion; 
• The message promises refunds, extra coupons, or other freebies after the purchase;
• The message seems very important and/or urgent, but it is from someone you do not know;

If you are still unsure whether you have received a phishing email do not click on their link, open the attached file, or reply to their message. Instead, you can search for the company's website through a search engine. If you find the company’s website and the deals are real then you are fine.

Find out if the person also works here if you believe the message is from someone employed here.

If you determine that it is a malicious cyber actor trying to ‘Phish you a Merry Christmas’ then do not simply delete the email. REPORT it instead. By reporting the phishing email it not only pulls the email from your inbox but from others here on campus who may have received it too.