Tag Archives: Phishing

EMAIL SPOOFING ON THE RISE

Good Afternoon,

I’m sure by now you are all familiar with and have experienced email phishing, but today I’m reaching out to discuss another very popular tactic called email spoofing.

Email spoofing is a type of forgery that makes the email look like it’s from a boss or colleague in need. They will often send a short, vague and sometimes desperate email in attempt to get you to reply to the message. Recently, school districts (including ours) have been hit hard with these attempts. Just in the last week we’ve seen five building administrator’s accounts spoofed.

You can generally tell that these are fake emails by looking at the email address the message is being sent from.  For example, the account doe.john@iowacityschools.org would be someone from the district and should be safe to reply to. However, an email from johndoe12@gmail.comprincipaljohndoe@yahoo.com, or even doe.john.iowacityschools.org@gmail.com are fake and potentially malicious. These are only examples and this is not an exhaustive list.

Here are few email best practices put together by the Help Desk.

  • Do not send confidential or sensitive information via email.
  • Do not send money or gift cards via email.
  • Always verify the sender’s address.
  • Keep an eye out for a yellow or red warning across the top of an email.


As always, if you have questions or suspect a spoofed email, contact the Help Desk.


Thanks,

Josh Reynolds
Client Services Manager

Alert: Google Fake Share Update

Yesterday, Google Drive was subject to a phishing attack that sent fake messages with a Google Doc link, with a subject line telling you that a file had been shared with you.  This was a worldwide event (not just ICCSD), and you can read about this issue here, here, and here.  

What should you do? 

While there is no evidence that this scheme allowed attackers to steal passwords, we are recommending that if you clicked the shared doc link in one of these spam emails, you change your password as a precautionary measure.  Since our ICCSD Google passwords are synchronized with our network passwords, you’ll need to change your network password.  You can do this by pressing Control-Alt-Delete at the same time, and clicking “Change a Password”.  You’ll need to enter your old (current) password, and then enter your new password two times.  Within a few hours (at the most), your new network password will be synchronized to Google, and will become your Google password as well.   Continue reading Alert: Google Fake Share Update