On the hook
"Hello, I know this seems odd but I don't have access to my phone and I need you to e-mail me a $250 Amazon gift card before tomorrow. It is an emergency and I need this for my nephew!"
Befuddled, I reread this e-mail from my former boss(principal) at 7 P.M. while waiting in the busy airport on a Friday night. Why would she be sending this e-mail on a Friday? What emergency would require an Amazon gift card? Does Amazon have hospitals now?
Back in 2019, I was a new teacher at the elementary school that I would eventually come to regret ever walking into. As a newbie, I was constantly nervous that I was doing something wrong and as such, always wanted to appease my boss. I was very cautious but also nervous that she was really in need of emergency Amazon bucks, so I sent her a text. About 10 minutes later, the entire school staff received a message that the e-mail had been a scam and not to reply. Duh, I thought...but I also wondered how often people fall for something like this. Just yesterday, I received this e-mail via my Dominican e-mail account:
Image Source: Blog Author's email
I am sure that some of you received this too. While I knew immediately that this was a scam because I've dealt with phishers before, I wonder how many folks jumped at this exciting opportunity. It sounds like a great deal! The e-mail even came from an account that had a picture attached and seemingly belonged to a faculty member or student. Expert phishers know how to reel you in.
(Looks like I still need a bit of phishing help)
Phishing Scams, Don't Take the Bait offers helpful suggestions on ways that schools can mitigate phishing risks. While one off e-mail security trainings are deemed ineffective, sending out e-mail reminders about phishing risks, connecting with users on a personal level, recognizing that mistakes happen, and constantly reevaluating current policies are helpful ways to ensure that schools stay scam resistant. I will say that the weekly e-mails that we received at my last school started out as helpful and then just felt incessant. However, I am grateful that I was able to gain insight into how to avoid phishing scams. While the AUP policy of my last school does not discuss phishing directly with students, I think it is important to discuss as students are even more vulnerable to these attacks.
My Former District's AUP
Since I am not currently in a classroom, I decided to take a look back on my previous school district's AUP. While they do include the AUP in their extensive portion of the handbook that addresses technology, their specific guidelines are called
RUG, Responsible Use Guidelines.After reading the article,
Acceptable or Responsible, I noticed that while District 100 did change their terminology to reflect
Responsible Use Policy, they still created a long, vague document to outline their expectations.
Pages 31-36 of the online student handbook discusses many issues, including privacy, digital citizenship, device guidelines, and cyber bullying. While I was teaching in District 100, I remember sending the students home with a slip of paper that they needed to be signed and then that being the end of it. Of course, we had discussions about digital literacy and cyber bullying, but I truly do not think that my students understood the dangers that were present on their iPads. In my opinion, the district stressed keeping the devices in perfect condition over the digital safety of staff and students.
Our Zoom classrooms were hacked multiple times last year. Some of my fourth grade students started having separate Zoom meetings and inappropriate conversations during class time. Students would constantly enter Zoom meetings and type inappropriate messages under different names. On the first day of Zoom class, before students knew how to create their own names, my life was threatened by one of my students via chat (turns out, she was one of the most soft spoken and sweetest girls in class). She thought that she was anonymous and had no idea that our tech team could discover who the message came from (Honestly, I think it was a case of trying to see what she could get away with). On all of these occasions, there were little to no repercussions for these actions. It is imperative that administrators enforce the AUP (or RUG) guidelines in order to maintain internet safety.
While extensive, the language in my old district's AUP is vague and not at all relatable. I guarantee that if you sat down with students and read them this nearly 6 page long section of the handbook, they would be extremely confused. I don't think parents would have the capacity or patience to read it either. I would suggest that the district created an AUP that is much more digestible and easy to understand. I would recommend an info-graphic and a presentation by technology specialists. I also think it is extremely important to ensure that this presentation is available in all languages and that support is available in all languages present in the school community.
Often times, our administrators last year would tell staff, students, and parents to "see the handbook!" That isn't very accessible. I highly recommend a revamp to encourage safe internet and device usage throughout the district moving forward.