Earlier today, the Barnard community received notice of a phishing attack aimed at university students. The phishing attempt occurs when a hacked university account attempts to share a Google doc with the target. When the target clicks the link to open the document, the hackers gain access to the target’s login information and may install malware to their Google account. Victoria Swann of Barnard User Services offers tips for staying safe and what to do if you’ve been hacked below*:
Dear members of the Barnard community,
There is currently a major phishing attack underway; not just at Barnard, but also Columbia and many other higher ed institutions. It takes the same form as any ordinary notification of a Google Doc being shared with you; and it may come from a person you know, or it may come from an address at “mailinator.com“.
DO NOT respond to that message or click the link in it. If you did click the link, change your password immediately at password.barnard.edu or contact the BCIT Service Desk for assistance at 212-854-7172. (Students can also go to 307 Diana for assistance; faculty and staff can go to Milbank 13.)
The link *may* also have given the malware package other access to your Google Account. Please check the apps linked to your account (My Account -> Sign-in & Security -> Connected apps & sites) and remove any that you do not recognize. Again, please contact BCIT if you need further assistance.
Google is aware of the issue and is working to alleviate it; and we are working to block additional copies of the attack coming into our domain.
Director, User Services
Barnard College | Columbia University
*The procedure may be different for Columbia students. Contact CUIT for assistance.