Several times a year, we see waves of phishing and spam attacks cycle through K-12 email domains. Our K-12 schools are tightly connected with other districts, sharing staff, AEA services, vendors and more, so spam emails spread quickly and are read quickly, infecting the inboxes of students, patrons, staff and more.
When Google sees a suspicious login attempt, it will often present a login challenge. This may include:
• A pin code sent to your cell phone
• A request to verify your recovery email address
• A request to verify your usual sign-in location
• Domain administrators can also set up two-factor authentication for their domain, or assign an employee ID to use as the login challenge.
If you have not set up your recovery cell phone number or your recovery email address, Google defaults to asking for your usual sign-in location.
Another security feature to help you keep your account safe is an automated email that notifies you of a suspicious login. Individual users do have the ability to disable this feature, but we highly recommend that you keep it turned on. It takes just seconds to delete an email when you sign in on a new device. Full recovery from a hacked account is a much longer process!
To learn how to set up your recovery cell phone number and recovery email address, follow these steps from Google.
If your account has been hacked, your Google Administrator may need to help you with some digital clean-up. We typically check account settings for these changes:
• Clear sign-in cookies, either through the administrative console or through the user’s account
• Check for a reply-to address and name change in the user’s email settings
• Check for a forwarding address in the user’s email settings
• Check sent mail to see if the account was used to send out spam/viruses
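The reply-to, name and forwarding checks above can be scripted once the settings have been exported. This is an added example, not part of the original post: the function names, the `expected_name` field and the `district.example` domain are hypothetical, and the input is assumed to mirror the Gmail API settings responses (auto-forwarding, forwarding addresses, send-as).

```python
"""Audit one user's Gmail settings for the changes listed above (added example)."""

# Constructed sample data. The dict shapes are assumed to mirror the Gmail API
# responses for users.settings.getAutoForwarding, forwardingAddresses.list and
# sendAs.list. "expected_name" is a hypothetical field taken from the directory.
SAMPLE = {
    "user": "jdoe@district.example",
    "expected_name": "Jane Doe",
    "autoForwarding": {"enabled": True, "emailAddress": "collector@mail.example",
                       "disposition": "trash"},
    "forwardingAddresses": [{"forwardingEmail": "collector@mail.example",
                             "verificationStatus": "accepted"}],
    "sendAs": [{"sendAsEmail": "jdoe@district.example", "isPrimary": True,
                "displayName": "IT Help Desk",
                "replyToAddress": "helpdesk@mail.example"}],
}


def domain_of(address):
    """Return the lowercased domain part of an email address."""
    return address.rsplit("@", 1)[-1].strip().lower()


def audit_account(settings, trusted_domains):
    """Return a list of (check, detail) findings for one account."""
    trusted = {d.lower() for d in trusted_domains}
    findings = []

    # Forwarding that is switched on and points outside the district.
    fwd = settings.get("autoForwarding", {})
    fwd_addr = fwd.get("emailAddress", "")
    if fwd.get("enabled") and domain_of(fwd_addr) not in trusted:
        findings.append(("auto-forwarding", fwd_addr))

    # Registered forwarding addresses, even if forwarding is currently off.
    for entry in settings.get("forwardingAddresses", []):
        if domain_of(entry["forwardingEmail"]) not in trusted:
            findings.append(("forwarding-address", entry["forwardingEmail"]))

    # Reply-to address and display-name changes on the send-as identities.
    for alias in settings.get("sendAs", []):
        reply_to = alias.get("replyToAddress", "")
        if reply_to and domain_of(reply_to) not in trusted:
            findings.append(("reply-to", reply_to))
        name = alias.get("displayName", "")
        if alias.get("isPrimary") and name and name != settings.get("expected_name"):
            findings.append(("display-name", name))
    return findings


if __name__ == "__main__":
    for check, detail in audit_account(SAMPLE, {"district.example"}):
        print(f"{SAMPLE['user']}: {check}: {detail}")
```

Any finding is a prompt for the administrator to review and reset that setting with the user; a clean account returns an empty list.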
We also recommend these computer security steps:
• Run a scan on school machines and home machines that accessed this Google account
• Consider whether your school Google password was the same password used for other accounts. If it was, it is important to change passwords for other accounts as well. In the future, use unique passwords for each account.
• Consider whether you may have responded to a phishing request and given up your Google credentials to a spammy website. You may want some training in recognizing phishing emails.