Cybersecurity isn’t just about protecting data.
That One Email...
You ever get one of those emails that just doesn’t feel right?
We did — and it came from someone our team has emailed a hundred times before.
A Tribal court clerk.
No greeting. No “Hi,” no “Good morning,” nothing — just an attachment.
And in our world, attachments mean business — court records, verifications, important stuff.
Well, turns out this one meant trouble. It was a phishing email that hijacked one of our accounts before we even realized it. One minute we’re corresponding with a known court clerk, the next we’re running a root cause analysis and sending client notices.
Talk about a “Skoden” moment — let’s go then… straight into crisis management!
We immediately shut everything down, scrubbed our systems for compromises, and found one spin-off email. Thankfully, everything else was clean. We advised our clients:
Do not open any emails from [staff member] until we give the all-clear.
Our clients and vendor partners are diligent — we started receiving calls asking, “Did you mean to send this attachment?”
We confirmed, “Nope. Please delete it.”
What Is Phishing?
Phishing happens when attackers impersonate legitimate people or organizations to trick users into revealing sensitive information, installing malware, or performing other actions that compromise security.
That day reminded me that even official sources can be compromised.
In background screening, cybersecurity isn’t just about protecting data — it’s about protecting people’s identities.
Every piece of information represents someone’s livelihood, their chance at employment, or even their standing in the community.
We Saged Our System
We tightened our controls, re-trained our team on how to spot phishing attempts, debriefed with our IT team, and then gave the all-clear to our clients and vendor partners — saged the system.
(Yes, I literally lit sage — thankful nothing was compromised and we caught it early. Sometimes, you just have to reset the energy and start fresh.)
What We Covered in Our Refresher Training
- Check the Sender: Verify the sender’s email address. Be cautious of slight misspellings or unfamiliar domains.
- Look for Red Flags: Be wary of emails that create urgency, request personal information, or have generic greetings like “Dear User.” Even with known senders, notice unusual wording or a change in tone.
- Inspect Links and Attachments: Hover before you click, and don’t open unexpected attachments — even from familiar names.
- Verify Requests: If an email asks for sensitive information or unusual actions, confirm through a trusted channel (like a quick call). If the sender isn’t known, delete it.
- Report Suspicious Emails: Notify your IT team immediately if something seems off.
Thirty years in, and this work still keeps me on my toes. Stay alert, stay grounded, and protect the people behind the paperwork.
Michele’s Tip of the Month
“Even if you trust the sender, check the tone. If it feels off, it probably is. Hover before you click.”
Read more stories from Behind the Investigation: Real Stories. Real Lessons. at https://pscprotects.com/training/
