Today Tina brought an article that was published in the December 2019/January 2020 copy of Tech & Learning magazine titled "Lateral Phishing: What K-12 Schools Need to Know" It is a really eye opening article and so important that we all know about it and take steps to protect ourselves from it.
Not sure what phishing is? Here is a great, short video (less than 4 minutes) that I use with students from Google for Education:
Hackers are taking their game one step further and are using applications to embed themselves into other applications that you may want to use. Like a tapeworm, you think you are eating a delicious bite meat and when you swallow it you also swallowing a worm. (sorry for those who just ate) You don't know it's there and it is thriving off of your diet. These programs are attached to another source and when you grant Google access, when you sign up for Google and you just click accept to use this cool tool that you read or heard about, you are also granting hackers access to information.
Since we deal with a lot of confidential information K-12 schools are HUGE targets to these lateral phishing schemes. Google has created a Help Desk article that you can follow step by step to help keep yourself informed and protected: https://support.google.com/accounts/answer/3466521?hl=en
For the more simplified version:
Most important you need to think about what you have granted access to and if they need that access. You can check that here: https://myaccount.google.com/permissions?pli=1
As mentioned in the video and article Basic Information isn't the worst thing but you need to look at those that you have given full access or access to your gmail and drive as they could potentially be sending things as you that you are not aware of.
Bottom line is "Never Trust, Always Verify" meaning don't take a company's word but pay attention to who you are granting access and what you are granting them access to. Take some time to look at what Apps and Extensions you may have that you don't need/use and what access they have.
Students and staff alike should be taking time on a regular basis to check who has access to what information.
Not sure what phishing is? Here is a great, short video (less than 4 minutes) that I use with students from Google for Education:
Hackers are taking their game one step further and are using applications to embed themselves into other applications that you may want to use. Like a tapeworm, you think you are eating a delicious bite meat and when you swallow it you also swallowing a worm. (sorry for those who just ate) You don't know it's there and it is thriving off of your diet. These programs are attached to another source and when you grant Google access, when you sign up for Google and you just click accept to use this cool tool that you read or heard about, you are also granting hackers access to information.
Since we deal with a lot of confidential information K-12 schools are HUGE targets to these lateral phishing schemes. Google has created a Help Desk article that you can follow step by step to help keep yourself informed and protected: https://support.google.com/accounts/answer/3466521?hl=en
For the more simplified version:
Most important you need to think about what you have granted access to and if they need that access. You can check that here: https://myaccount.google.com/permissions?pli=1
As mentioned in the video and article Basic Information isn't the worst thing but you need to look at those that you have given full access or access to your gmail and drive as they could potentially be sending things as you that you are not aware of.
Bottom line is "Never Trust, Always Verify" meaning don't take a company's word but pay attention to who you are granting access and what you are granting them access to. Take some time to look at what Apps and Extensions you may have that you don't need/use and what access they have.
Students and staff alike should be taking time on a regular basis to check who has access to what information.
Comments
Post a Comment