Phishing

Updated

Report Phishing

  1. Open Gmail
  2. Open the email that you want to report as phishing
  3. Next to reply , click the vertical ellipse  
  4. Click Report Phishing
If you are unsure if it is phishing, please forward it to phishing@bigelow.org. Please do not report it through HelpDesk.

Phishing Info

You may have received emails that start with:

I greet you!

I have bad news for you.
DD/MM/YYYY - on this day I hacked your operating system and got full access=
 to your account name@domain.com
On that day your account (name@domain.com) password was: passw0rd

They claim to have hacked your router, installed malware, and stolen your password. They also took embarrassing screenshots of your computer that they will share. And of course, they want you to buy their silence with bitcoin.

None of this is true. See the Q/A below for more information. Please email it@bigelow.org with any questions.

You can read more about the attack here.

Did my computer/router really get hacked?

No. This is a phishing email trying to scare you into paying a ransom.

How was the email sent from my address?

It is not only possible, but easy, to "spoof" and email address. That is, send an email and make it look like it came from the recipient. If you look at the email headers, you can see the actual domain and IP address that the email was sent from. Unfortunately, spammers are smart enough to 1) make the domains untraceable and 2) create and delete domains frequently to avoid detection. Since we use two factor authentication for email, it is only possible for a hacker to log into your account if they have your password AND your cell phone.

Okay, but how did they get my password?

They did not get access to your Bigelow email or domain password (as they claim). Rather, they have a list of usernames and passwords from hacked websites. For this reason, we have a policy against using your Bigelow password on other sites (and using passwords on other sites for Bigelow). You should immediately change your password on any accounts that use the password shown in the email.

How do I make a strong password?

Your Bigelow passwords, indeed all passwords, should be unique and a minimum of 16 characters long. This can seem daunting, but having a good password manager can really help. We are working on giving employees access to 1Password, the leader in secure password management. In the meantime, try using several random words (not related to you) for your password.

Still need help? Submit a ticket.

How did we do?

Google Calendar Overview

Schedule emails

Powered by HelpDocs (opens in a new tab)