Phishing emails circulating in school lists

Published November 9, 2016 by justicewg

As if you didn’t have enough to process this morning, a wave of phishing emails are being sent out to Grandview parents. If you get an email from somebody you know in Grandview that contains a request to “kindly review the attached document”, it will attempt to get you to enter your name and password (don’t know which password they are phishing for, I guess anything can be used to try to hack your accounts).

Below is the email that was sent out this morning by Brad Pettit, Director of Technology Operations at the school.

Grandview Parents and Community Members:

We are seeing several emails from Grandview community members, staff and students that are SPAM or phising emails. The email is very general (such as “kindly review the attached document”)  but asks you to open a file that is password protected. This is email is not legitimiate and should be deleted immediately. We are addressing comprimised accounts of staff and students right now and if you have opened any attachments from an email like this, it is suggested that you change your password.

Please feel free to contact me if you have any questions.

Thank you

Brad Pettit
Director of Technology Operations
brad.pettit@ghcsd.org
614-485-4034

Some things to help with the phishing email

The email will have the name of a Grandview parent or school staff in the “from ” field. The one I got was from B. Lynaugh. He has been getting a lot of calls and emails asking “did you send this?”. So there is no reason to notify the person who was used as the subject line, they know about it, and it had nothing to do with them (other than the fact they were on a list of school associated names).

Second, instead of just deleting the email, go to the website for your email provider and mark that email as spam. This will help the email providers know that emails that come from the “grandviewstudents followed by .org” domain are fake and spam (or not – I see this domain is in use by the school)

By the way, if you do the lookup for that domain, the owner is hidden by a proxy. The domain had to be a confirmed real domain to get past the spam filters.

(Later) After some searching, it turns out that domain name is being used by the school, I see it mentioned in some of the school info on the website. That points to the likelihood that some student at the school was assigned an address, and it was hacked somehow.

Advertisements

One comment on “Phishing emails circulating in school lists

  • Leave a Reply

    Fill in your details below or click an icon to log in:

    WordPress.com Logo

    You are commenting using your WordPress.com account. Log Out / Change )

    Twitter picture

    You are commenting using your Twitter account. Log Out / Change )

    Facebook photo

    You are commenting using your Facebook account. Log Out / Change )

    Google+ photo

    You are commenting using your Google+ account. Log Out / Change )

    Connecting to %s

    %d bloggers like this: