[Eoscstudents] FW: [CyberSecurity] Beware Google phishing attacks!!

Jeff Weems jweems at eosc.edu
Thu May 4 08:57:19 CDT 2017 

Students:  Please be aware of the phishing scam outlined below. 

 

Jeff Weems

Chief Technical Officer

 

Eastern Oklahoma State College

1301 West Main Street

Wilburton, OK  74578

918.465.1750

jweems at eosc.edu

www.eosc.edu

 

From: CyberSecurity [mailto:cybersecurity-bounces at lists.onenet.net] On
Behalf Of OneNet Security
Sent: Thursday, May 04, 2017 8:29 AM
To: 'cybersecurity at lists.onenet.net' <cybersecurity at lists.onenet.net>
Subject: [CyberSecurity] Beware Google phishing attacks!!

 

PLEASE BE AWARE OF THIS PHISHING CAMPAIGN.  

 

 

Here is how it works.

 

The email body states "[name] has invited you to view the following
document:" and includes a link to "Open in Docs". The link opens to a
legitimate Google login page.

.         Once the recipients enter their credentials or select an account,
a permissions box for a fraudulent application hosted at
hxxps://googledocs[.]g-docs[.]win requests access to the user's address book
and email.

.         Once the victim clicks "Allow" this provides the attacker access
to their email account and address book but not their calendar. The attacker
can then send phishing emails to other targets from the compromised account.

 

So you see, if you  opened and clicked and then clicked Allow, these attacks
could ensue under your name and you should change your google password
immediately.

 

Thank you all so much for your good reports and staying smart and aware.

 

 

 

Barbara McCrary
Chief Information Security Officer
MCSE, MCSE:Security, +Messaging, CompTia:Security+ 

 <mailto:bmccrary at osrhe.edu> bmccrary at osrhe.edu

 

Protecting data is a shared responsibility!

 

INSTALL antivirus and antispyware software.

USE strong passwords.

KNOW who you are dealing with online.

STORE confidential and sensitive data on encrypted devices only.

SHUT DOWN home computers or disconnect from the Internet when not in use.

 

Oklahoma State Regents for Higher Education
655 Research Parkway

Suite 200

Oklahoma City, OK  73104
405 225.9316 office
405 234.4321 cell
405 234.4588 fax 

 

Note:  This communication and attachments, if any, are intended solely for
the use of the addressee hereof.  In addition, this information and
attachments, if any, may contain information that is confidential,
privileged and exempt from disclosure under applicable law, including, but
not limited to, the Privacy Act of 1974.  If you are not the intended
recipient of this information, you are prohibited from reading, disclosing,
reproducing, distributing, disseminating, or otherwise using this
information.  If you have received this message in error, please promptly
notify the sender and immediately, delete this communication from your
system.

 

 

___________________________________________________

 

Chris Kosciuk

Information Security

Oklahoma State Regents for Higher Education / OneNet 
655 Research Parkway

Suite 200

Oklahoma City, OK  73104
405 225.9440 office

ckosciuk at osrhe.edu <mailto:ckosciuk at osrhe.edu> 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.onenet.net/pipermail/eoscstudents/attachments/20170504/0d545534/attachment.html>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: Untitled attachment 00018.txt
URL: <http://lists.onenet.net/pipermail/eoscstudents/attachments/20170504/0d545534/attachment.txt>

More information about the Eoscstudents mailing list