Morningside's first source for campus news
Monday December 11th 2017

Insider

Archives

Morningside Reeling from Google Phishing Attack

PhishingAttack(05.09.2017) By Austin Brunick — A suspicious email has been traveling not only around Morningside’s campus but campuses and businesses around the nation, and is believed to be a phishing attack.

A phishing attack is the attempt to obtain information such as usernames, passwords, and credit card details by disguising the virus as a trustworthy site.

The scam that is made its ways around Morningside campus deals with a Google

Docs look-alike. Students, faculty and staff may have received an email from hhhhhhhhhhhhhhhh saying “Firstname Lastname has invited you to view the following document:” with a button that looks like the one Google uses.

I personally fell victim to this attack, and afterwards everyone in my contact list was sent the same message only with my username to make it look as though I was sending them the document. I then changed all of my passwords linked to the google account and all financially important information.

Aaron Orndorff sent out an email at 1:38 on Wednesday informing students that a faculty member’s email account had been compromised, also stating that if you had already clicked the link, like I had, to make sure you change your Morningside password.

For anyone who may have clicked the link there are some more steps you can take to protect yourself than just changing your password.

The first thing you should do, according to Donovan Dejong, an IT professional at Augustana University, is check to make sure that the application “Google Docs” does not have any permissions on your Google account and, if it does, disable it.

This is because the actual Google Docs works through Google Drive and doesn’t need permission by itself. If you have Google Docs as an app in your browser disable it immediately.

The second thing you should do is to check that your email has no extra filters on it. For example, my email had an extra filter that had random letters, and I could not remember if I had set this filter for something or if it was cause by the attack, so to be safe I deleted it.

Everyone needs to take these steps to make sure they are safe from identity theft or worse.