Skip to main content

Phishy Business

Yesterday, we were caught up in what is referred to as a "phishing" attack. Suddenly a ton of emails came through our district accounts with the same subject line: _________ has shared a document on Google Docs with you. It seemed so legitimate, right? Phishing is a form of fraud in which the attacker tries to learn information such as login credentials or account information by masquerading as a reputable entity or person in email, IM or other communication channels. You've probably seen notices by your bank warning against phishing attacks--but phishing can happen in ANY type of online account. In the phishing attack yesterday, people all around the world received that same innocuous email. Just like the fish swimming in a pond, many were unable to resist the lure of the bait so cunningly placed before us. The good news is that within one hour of the report of the first phishing email, Google had resolved the issue and shut it down. 
So, the question has to be addressed that I know many of you are asking. "How can we prevent this from happening again?" The sad thing is that we cannot because phishers are a dime a dozen. There are a few precautions we can take, however, that can limit the number of people affected.

1. Header of Email

The very first of the suspicious emails in yesterday's attack was with Chris Teal's account (I verified with Coach Teal that it was okay to use him in this blog). As soon as I opened the email I knew it was not correct. This is how:


 If you notice, in the orange highlighted box the information was definitely "phishy." Another interesting part of this email header is highlighted in green--if Coach Teal were sharing a document with me AND someone else, why would I be blind carbon copied? 

2. Prompted to Reenter Account Information

If a document is shared with you through your school account and you open it through your Gmail account, you will not be prompted to enter your account information. You are already signed in if you can open your email.

 3. Educate Yourself!

Panda Security has a great informational article on preventing phishing attacks. I've listed the top nine tips below, but there is more in-depth information on their site. Please take the time and educate yourself on what you can do to protect yourself!
  • Learn to identify phishy emails.
  • Check the source of information from incoming mail.
  • Never go to a bank's website by clicking on email links.
  • Enhance your computer/phone security.
  • Enter sensitive data in secure websites only.
  • Periodically check your accounts.
  • Phishing can be done on any online account.
  • Phishing knows all languages; if yours suddenly changes you've been hooked.
  • When in doubt, just don't click.
All in all, PRCSD did a great job yesterday through this insanity. Many of you recognized the threat as soon as the email hit your account. Please continue to practice due diligence with internet safety.

 http://www.pandasecurity.com/mediacenter/security/10-tips-prevent-phishing-attacks/


Comments

Post a Comment

Popular posts from this blog

PRC Begins a New Year!

Let's Get Down to Basics First of all, congratulations on surviving the first few weeks of school! I know how difficult/rewarding/frustrating/exciting the beginning of a year can be. No other profession can quite compare to what all of you do! For me, it is rewarding to walk down the hallways of our campuses and see our students engaged in their learning, regardless of whether that lesson includes technology or not! PRC has the best teachers in the state and our students are top-notch. Let me take this opportunity to give you some information that may save you the time of submitting a technology request. This TaraByte will be slightly longer than usual because we have so much NEW in our district. Just remember you can comment (please comment) at the bottom of this page and you can revisit these tips anytime and anywhere. Chromebook Cart Information Our Chromebook Carts are designed to "rotate" throughout the charging process. This is a wonderful thing, beca
2 comments
Read more

Set Your Sights on Google Sites

Arguably, one of the most useful tools in the GSuite for Education package is Google Sites. Yet, as I am writing this, only a handful of our teachers are actively using it. That tells me that maybe the value of Google Sites has not been adequately addressed, and I apologize for that! For those of you who have not been introduced to it, Google Sites is a free  website creation tool hosted by Google. You can create unlimited sites/pages, and each of your students can create unlimited sites/pages. Now, I will be the first to admit that t he early version of Sites (used until this school year) was a complicated monster that wasn't friendly for the everyday user. However, an upgrade to Google Sites occurred this year that makes creating  and updating a snazzy site quicker and easier than ever before.  Many of you are probably groaning already, saying something along the lines of, "Why does this crazy woman think I have the time to build a website? Doesn't she know I am a
Post a Comment
Read more

March Madness (Of a Totally Different Kind)

The time has come, The time is now. All PRC Employees, Change your passwords now! Ugh, I know. I feel your pain. I, too, have to change my password and struggle with muscle memory (also known as the way the password feels when I type it in). I also have to store my passwords in strange places that I may or may not remember how to find when I need them. The good news is, we are not alone! When you are feeling stressed out about the password you created five minutes ago that now no longer works, peruse one of the videos linked here. You'll feel better (or maybe not) about your own password struggles when you realize just how many people out there are in the same boat. Just a few quick reminders: 1. We have to change our Windows login passwords. You will be prompted to do so. 2. We have to change our Gmail passwords. You will be prompted to do so. 3. We have to change our SAM Spectra passwords. You will be prompted. . . AND as an extra special, SUPER-DUPER bonu
Post a Comment
Read more