I received an spam or phishing email from inside of the college.

Steps:

If you receive phishing emails from within your company's domain, it can be particularly concerning as it might indicate a compromised account or insider threat. Here are steps you should take:

Do Not Engage: Don't click on any links, download attachments, or reply to the email.

Report It Immediately: support@spcc.edu or support.spcc.edu

Internal Reporting: Notify your IT department or security team immediately. They might have a specific process or email address for such reports.

Screenshot: Capture a screenshot of the email, including headers, if possible.

Preserve the Email: Do not delete the email. IT might need it for investigation.

Verify with Sender: If you recognize the internal sender, contact them directly using a previously known email or phone number (not information from the suspicious email) to confirm if they sent the email.

Check Email Authenticity: Check the email headers for signs of spoofing. Sometimes attackers use "look-alike" domains that are very similar to your company's domain.

Change Passwords: If there's a chance that your account details have been compromised (especially if there were any prior suspicious activities on your account), change your password immediately and consider enabling multi-factor authentication (if it isn’t already).