Technology Department News

Phishing Attack

There was a major phishing attack today. This one was particularly well done. In short, here is what was happening:

Users would receive an email saying that someone had shared a document with them. The document appeared to come from a “real” person. When the user clicked the link, a prompt asked them to allow “Google Docs” to access their data. This was an App masquerading as “Google Docs”. If the user clicked “Allow”, the App then had access to their contacts and would propagate itself further by sending out more emails.

This phishing attempt was well crafted in several ways. Everything was spelled correctly. The link looked perfectly legitimate. Lots of people clicked the link and allowed access.

As soon as the Technology Department saw this attack, we immediately began taking steps to intervene. Our intervention included many steps with an “all hands on deck” mentality. We were able to very quickly stem the flow of phishing attacks. However, email moves very quickly and there were some people who received the emails. Again, we took many steps to mitigate the damage (which we don’t lay out here for security reasons).

This attack was not limited to Dearborn Public Schools. Thus, your personal Google account may also have been compromised.

Google has revoked the access that this App had. Thus, everything should be fine now. However, if you want to be double-triple sure, you can go to your Google settings and remove access (the App should no longer be there, but you can confirm that):

  1. Go to google.com.
  2. Click on your picture in the upper right-hand corner and select “My account”.
  3. Click on “Connected apps & sites”.
  4. Click on “Manage Apps”.
  5. Find the app called “Google Docs” (you may have a legitimate one – click on the name to check the date installed. If it was installed today, May 3, 2017, it could be a problem).
  6. Revoke all permissions.

Again, it appears that Google has responded in a way that completely remediates this issue. You shouldn’t have to do anything in particular.

This is a good time to remind ourselves to be careful when we approve others having access to our stuff though. Think twice, click once.