All posts by Brian Murphy

Phishing – May 2017

Dana Hall Community,

From Google reports, approximately 1 million Google accounts were affected by yesterday’s phishing attack (~ .1% of their 1 billion users!!!)

Below you’ll find information on what you can do to secure any of your Google accounts including your Dana Hall Google Apps account.

Each user has the ability to run a security health check. This security check is only available to each user/owner of that account. Because of this exclusivity, the Technology Department is unable to run a security check on a user’s account for them.

This check must be done by each user themselves.

To run the Google Security Checkup:
  • Perform a search in Google with the following keywords, “google account security check”
  • Choose the Security Checkup – My Account – Google link as shown above
  • Proceed through the various sections of the checkup. Click Done or Looks Good at the end of each sub-section.
  • The last section is important to review…
  • In this section you’ll see many applications whose access to your Google Apps account was approved by you since your first access to the account.
  • Browse this list, and remove any app you do not want to have access any longer
  • Click Done, and return to the My Account page
Understanding the phishing attack…
The malicious application that was being sent around was called, Google Docs, and had no affiliation with Google whatsoever. Within an hour of the start of the attack, Google was able to deactivate and remove this application automatically from all Google user accounts. This application would have shown up in the last section as an “Approved Application.”
Again, Google removed this application for all it’s users automatically.