Skip to main content

Is This Email a Scam? How to Identify and Report Phishing at RCS

Steven Mojica
Updated

What Is Phishing?

Phishing is when someone sends a fake email pretending to be a trusted source (like HR, a bank, or a coworker) to trick you into clicking a malicious link, downloading a dangerous file, or sharing sensitive information.

RCS staff are regularly targeted by phishing attempts. Learning to spot them protects you, your students, and the school.

Red Flags: How to Spot a Phishing Email

Check the Sender's Email Address

  • Does the email claim to be from RCS or HR but come from an unusual address?
  • Example: An email about "salary adjustments" from an unfamiliar domain instead of an @redlandschristian.org address is a clear red flag
  • Hover over the sender's name to see the actual email address

Look for Urgency and Pressure

  • "URGENT: Action required immediately!"
  • "Your account will be suspended unless you click now"
  • "Verify your identity within 24 hours"
  • Legitimate organizations rarely pressure you with extreme urgency

Examine Links Before Clicking

  • Hover over any link (don't click!) to see where it actually goes
  • If the URL doesn't match the organization it claims to be from, don't click
  • Look for misspellings in URLs (e.g., "rnicrosoft.com" instead of "microsoft.com")

Watch for Generic Greetings

  • "Dear Employee" or "Dear Staff Member" instead of your actual name
  • Legitimate internal emails usually address you by name

Unexpected Attachments

  • If you weren't expecting a file, don't open it
  • Be especially cautious with .zip, .exe, or macro-enabled Office files

What to Do If You Think It's Phishing

  1. Don't click any links in the email
  2. Don't download any attachments
  3. Don't reply to the email
  4. Forward the email to itsupport@redlandschristian.org with the subject line: "Possible phishing"
  5. IT will investigate and let you know if it's safe or malicious

What If I Already Clicked a Suspicious Link?

It happens — here's what to do immediately:

  1. Don't enter any credentials on the page that opened (if you haven't already)
  2. Disconnect from Wi-Fi if you downloaded anything suspicious
  3. Contact IT immediately at itsupport@redlandschristian.org
  4. If you entered a password, change it immediately for that account and any other accounts where you use the same password

Recent Phishing Patterns Targeting Schools

Here are patterns we've seen recently:

  • Fake "salary adjustment" or "compensation update" emails from non-RCS addresses
  • Fake data notification emails that aren't from legitimate addresses
  • Fake shipping notifications or invoice attachments

When in doubt, forward it to IT. We'd rather check 100 legitimate emails than miss one real phishing attempt.

RCS Information Technology · IT Help Center

Comments

0 comments

Article is closed for comments.

Powered by Zendesk