Phishing -- are you experienced?

Pacific NCDEA

My conservation district had a bad experience with phishing recently.  That caused me to bring up this topic when I visited with the Idaho District Employees Association board last week.  I was surprised -- and alarmed! -- to hear several people describe their experiences with attempts to phish information from them.

Have districts in your state been subjected to phishing attempts?  How severe is the problem?  Your responses may help us develop training materials to help protect our sister districts from this kind of cyber threat!

( What is phishing?  See this government article: )

Tom Salzer, Pacific Region Director, NCDEA

Craig Nelson

Our conservation district in Washington State has seen quite a few more pop up recently.  The ones that are the scariest are the ones that say they are from a known person.  We even had one last week where 'employee A' received an e-mail that appeared to come from 'employee B' until the receiving employee looked at the e-mail address because the content of the message didn't quite make sense.  The name in the header matched the name of one of our employees, but the e-mail address was absolutely different, like not even close to our convention type of different.

I'm particularly concerned too with the web-site generated e-mails from platforms like Dropbox when you share a file or folder there.  We have received a couple of those from partners with a link to open the file they shared with us.  Those are by far the scariest to me because the most recent round looked real enough and were from partners we actively engage with, so I'm sad to say it got me and one other employee in our office before we caught onto the fact that it was a phishing attack.

Now we are all hyper vigilant until unfortunately we aren't some time in the future and we start all over again...sigh.