In the image below I've added markup to the email to identify at least three, easy-to-spot clues to this phishing attempt. Click on the image to enlarge for easier reading.
If you actually followed the link and entered either personal account or ESSD40 email account information, immediately do the following:
- Change the password on the accounts you entered.
- If it was your ESSD40 email account, press ctrl + alt + del on your computer, select "Change password" and follow the prompts.
- If it was a personal email account, follow the instructions from your email provider to change the account password.
- If the computer from which you followed the links in the email was a district computer, send an email to firstname.lastname@example.org to let us know. We will scan the computer for malware.
Protect yourself from future spear phishing by learning more through this SANS Ouch! article on spear phishing: http://www.securingthehuman.org/newsletters/ouch/issues/OUCH-201307_en.pdf