[Eoscstudents] FW: [CyberSecurity] Beware Google phishing attacks!!
Jeff Weems
jweems at eosc.edu
Thu May 4 08:57:19 CDT 2017
Students: Please be aware of the phishing scam outlined below.
Jeff Weems
Chief Technical Officer
Eastern Oklahoma State College
1301 West Main Street
Wilburton, OK 74578
918.465.1750
jweems at eosc.edu
www.eosc.edu
From: CyberSecurity [mailto:cybersecurity-bounces at lists.onenet.net] On
Behalf Of OneNet Security
Sent: Thursday, May 04, 2017 8:29 AM
To: 'cybersecurity at lists.onenet.net' <cybersecurity at lists.onenet.net>
Subject: [CyberSecurity] Beware Google phishing attacks!!
PLEASE BE AWARE OF THIS PHISHING CAMPAIGN.
Here is how it works.
The email body states "[name] has invited you to view the following
document:" and includes a link to "Open in Docs". The link opens to a
legitimate Google login page.
. Once the recipients enter their credentials or select an account,
a permissions box for a fraudulent application hosted at
hxxps://googledocs[.]g-docs[.]win requests access to the user's address book
and email.
. Once the victim clicks "Allow" this provides the attacker access
to their email account and address book but not their calendar. The attacker
can then send phishing emails to other targets from the compromised account.
So you see, if you opened and clicked and then clicked Allow, these attacks
could ensue under your name and you should change your google password
immediately.
Thank you all so much for your good reports and staying smart and aware.
Barbara McCrary
Chief Information Security Officer
MCSE, MCSE:Security, +Messaging, CompTia:Security+
<mailto:bmccrary at osrhe.edu> bmccrary at osrhe.edu
Protecting data is a shared responsibility!
INSTALL antivirus and antispyware software.
USE strong passwords.
KNOW who you are dealing with online.
STORE confidential and sensitive data on encrypted devices only.
SHUT DOWN home computers or disconnect from the Internet when not in use.
Oklahoma State Regents for Higher Education
655 Research Parkway
Suite 200
Oklahoma City, OK 73104
405 225.9316 office
405 234.4321 cell
405 234.4588 fax
Note: This communication and attachments, if any, are intended solely for
the use of the addressee hereof. In addition, this information and
attachments, if any, may contain information that is confidential,
privileged and exempt from disclosure under applicable law, including, but
not limited to, the Privacy Act of 1974. If you are not the intended
recipient of this information, you are prohibited from reading, disclosing,
reproducing, distributing, disseminating, or otherwise using this
information. If you have received this message in error, please promptly
notify the sender and immediately, delete this communication from your
system.
___________________________________________________
Chris Kosciuk
Information Security
Oklahoma State Regents for Higher Education / OneNet
655 Research Parkway
Suite 200
Oklahoma City, OK 73104
405 225.9440 office
ckosciuk at osrhe.edu <mailto:ckosciuk at osrhe.edu>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.onenet.net/pipermail/eoscstudents/attachments/20170504/0d545534/attachment.html>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: Untitled attachment 00018.txt
URL: <http://lists.onenet.net/pipermail/eoscstudents/attachments/20170504/0d545534/attachment.txt>
More information about the Eoscstudents
mailing list