Board of Aldermen 05-28-2019 Page 3
So it does become very difficult to know if you don’t know who this person is sending it. So | would love
to have some kind of a meeting like that.
Mayor Donchess
| think there was one situation where they sent phishing expedition of e-mails that look like that they
came from me and I’m asking them to do X, Y, or Z which obviously | never sent.
Alderman Lopez
| have you on spam filter anyway.
Mayor Donchess
Anyway so yes, they can look very legitimate when you click on them, they may have logos and the like
and it looks absolutely real. So you really need to be careful on what you click on especially and what
you respond to.
Alderman Laws
Just because it is irrelevant right now, | am currently being phished by a fake Paul Shea account. So if
anybody is getting messages. | confirmed it, is fake, they are talking about community grants so they
know what they are doing. It’s on Facebook as well.
Alderwoman Melizzi-Golja
Thank you. Mayor Donchess, several of us were talking about this recent incident in Baltimore, it is
pretty scary to see what can happen. Mr. Codagnone came to PEDC with Ms. Kleiner and spoke not in
depth but did talk about the precautions that our IT Department is taking and also the need to update
programs and systems they we are using. So thank you for mentioning it, because it is certainly
something we all need to be aware of. In Baltimore they said it was like having a truck just come and
take all their paper records and empty all their records, which is pretty scary.
Alderman Lopez
| just had a thought and | guess Attorney Bolton can answer this. Can this be like a presentation that is
nonpublic because | don’t know if streaming our security protocols on YouTube is going to help the
situation?
President Wilshire
We will have a discussion.
Attorney Bolton
Some of it is probably appropriate for non-public; most of it probably if public is fine.
Alderman Harriott-Gathright
I’d just like to say they have a lot of training on-line because I’ve been a victim of some of this and had to
actually go through the training. One of the trainings was actually 45 minutes and it was strictly about
ransomware and malicious, most of it was about that.
RECOGNITION PERIOD — None
