Phishing Attack

There was a major phishing attack today. This one was particularly well done. In short, here is what was happening:

Users would receive an email saying that someone had shared a document with them. The person sharing the document was a “real” person. When the user clicked the link, a prompt asked them to allow “Google Docs” access to their data. This was an App masquerading as “Google Docs”. If the user clicked “Allow”, the App gained access to contacts and would further propagate itself by sending out more emails.

This phishing attempt was well crafted in several ways. Everything was spelled correctly. The link looked perfectly legitimate. Lots of people clicked the link and allowed access.

As soon as the Technology Department saw this attack, we immediately began taking steps to intervene. Our intervention included many steps with an “all hands on deck” mentality. We were able to very quickly stem the flow of phishing attacks. However, email moves very quickly and there were some people who received the emails. Again, we took many steps to mitigate the damage (which we don’t lay out here for security reasons).

This attack was not limited to Dearborn Public Schools. Thus, your personal Google account may also have been compromised.

Google has revoked the access that this App had. Thus, everything should be fine now. However, if you want to be double-triple sure, you can go to your Google settings and remove access (the App should no longer be there, but you can confirm that):

  1. Go to google.com.
  2. Click on your picture in the upper right-hand corner and select “My account”.
  3. Click on “Connected apps & sites”.
  4. Click on “Manage Apps”.
  5. Find the app called “Google Docs” (you may have a legitimate one – click on the name to check the date installed. If it is today, May 3, 2017, it could be a problem).
  6. Revoke all permissions.
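
An administrator-side version of the check in step 5, as an added example that is not part of the original post: it reviews a list of app grants and flags any app that uses the “Google Docs” name without a verified client ID, or that received mail/contacts access on May 3, 2017. The records, field names, scope labels and client IDs are constructed placeholders, not a real Google export format.

```python
from datetime import date

# Constructed sample records; field names and scope labels are assumptions
# for this example, not a real Google export format.
GRANTS = [
    {"user": "teacher1@example.org", "app": "Google Docs",
     "client_id": "PLACEHOLDER-UNKNOWN", "granted": date(2017, 5, 3),
     "scopes": {"mail", "contacts"}},
    {"user": "teacher2@example.org", "app": "Google Docs",
     "client_id": "PLACEHOLDER-TRUSTED", "granted": date(2016, 9, 12),
     "scopes": {"docs"}},
    {"user": "student1@example.org", "app": " google  docs",
     "client_id": "PLACEHOLDER-UNKNOWN", "granted": date(2017, 5, 3),
     "scopes": {"mail", "contacts"}},
    {"user": "teacher3@example.org", "app": "Quiz Maker",
     "client_id": "PLACEHOLDER-OTHER", "granted": date(2017, 5, 3),
     "scopes": {"docs"}},
]

PROTECTED_NAMES = {"google docs"}             # names users trust on sight
TRUSTED_CLIENT_IDS = {"PLACEHOLDER-TRUSTED"}  # IDs the admin has verified
INCIDENT_DATE = date(2017, 5, 3)              # date given in step 5
SENSITIVE_SCOPES = {"mail", "contacts"}       # what the app used to spread


def normalize(name):
    """Lower-case and collapse whitespace so near-identical names match."""
    return " ".join(name.lower().split())


def review_grant(grant):
    """Return the list of reasons a grant deserves revocation review."""
    reasons = []
    if (normalize(grant["app"]) in PROTECTED_NAMES
            and grant["client_id"] not in TRUSTED_CLIENT_IDS):
        reasons.append("trusted name, unverified client ID")
    if (grant["granted"] == INCIDENT_DATE
            and grant["scopes"] & SENSITIVE_SCOPES):
        reasons.append("mail/contacts access granted on incident date")
    return reasons


def find_suspicious(grants):
    """Map each affected user to the reasons their grant was flagged."""
    return {g["user"]: r for g in grants if (r := review_grant(g))}


if __name__ == "__main__":
    for user, reasons in find_suspicious(GRANTS).items():
        print(user, "->", "; ".join(reasons))
```

The display name alone cannot distinguish the legitimate app from the impostor, which is why the check keys on the client ID and the grant date rather than on the name.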

 

Again, it appears as though Google has responded in a method that completely remediates this issue. You shouldn’t have to do anything in particular.

This is a good time to remind ourselves to be careful when we approve others having access to our stuff though. Think twice, click once.

Refreshing the Google Accounts login page

Google will be updating the look of the login page.

Starting April 5, 2017, we’re rolling out an update to the Google Accounts sign-in page to give users an improved experience to securely sign in to their accounts. This new design will make browser sign-in flows consistent across computers, phones and tablets.

Example of new Google Log in page

What will stay the same

  • The steps to sign in won’t change. You’ll enter the same information you usually do, like your email address and password.
  • You can use your account to sign in securely to the same Google services as before.

Why the page is changing

The new sign-in page will:

  • Have a cleaner, simpler look.
  • Make the sign-in process faster.
  • Be consistent across computers, phones, and tablets.

Google Classroom

Please note that we’ve discovered an issue with Google Classroom. If you attempt to go to Google Classroom without already being logged into Google, then you will receive a 404 error.

Error 404. Unknown Link message.

However, if you are logged into Google, you will be presented with the Classroom. Thus, if you are trying to go to Google Classroom, but get an error page, please sign into Gmail and then go to Google Classroom.

Google Update with AutoCrat

Many people are using AutoCrat to share information or create mail merges automatically. This is a fantastically efficient way to share information. Please be aware that Google has just made a change that may affect these forms. If you automatically collect user names, Google is changing the name of this field from <<username>> to <<Email Address>>.

It appears that Google has recently made a change to the field that automatically collects email addresses, changing it from <<username>> to <<Email Address>>. As Autocrat basically creates merge messages, it’s still looking for <<username>> and will generate an error in the send status column (e.g. Error: Invalid email: undefined).

To fix this you’ll need to go through all of your spreadsheets and edit your templates. Unfortunately, it appears the changes are rolling out arbitrarily (I have a mix of spreadsheets that have been updated).

Thank you.

Chromebook Sign out button

In order to make signing out easier for students, we’ve added a red “Sign out” button along the bottom of our Chromebooks. Students should use this to sign out when they are done.

Log out button on bottom of screen

Google Admin Set up:

*I’ve received a few requests on how to do this. If you are a Google Admin, here are the directions:
  1. Sign in to Google Admin
  2. Select device management
  3. Chrome management
  4. User settings
  5. Choose your Student OU
  6. Under “Session Settings” Select “Show logout button in tray”
  7. Then Save
Session Setting options

Monitoring Chromebooks

Introducing HiveSchool.

HiveSchool is a connected learning application that lets teachers provide an engaging, collaborative and effective learning experience for their students.

The application enables teachers to present digital content to the class, monitor student activity, keep students on task and assign a variety of learning resources. Designed for ease of use, it requires only a very short learning curve for teachers and students.

Highlights

  • Presents digital content to the class – from the teacher’s or a student’s computer.
  • Live view of student screens, to monitor student activity.
  • Lets teachers control student activity to keep the class on task.
  • Easy management of teaching resources
  • Visual, intuitive class dashboard

 

I’ve written up a HelpSheet, but I need feedback to improve it before sending it out to all teachers.

 

Check it out here.

Name Updates

Since we rolled out email for students, we are aware that there has been some confusion over the names. We have several instances of students and staff with the same name. In order to help clear up some of the confusion, we are prepending “Student:” to all student names.

Currently, this doesn’t seem to show up in the Gmail Compose window, but does show up in Contacts.

It looks like this:

example of contact that starts with Student:

Naturally, you should note the difference in Gmail addresses (staff has a very different pattern than students).

Once everything is processed and in sync, users can start an email with Student: Student Name (where Student Name is an actual name). This doesn’t help with just typing the name of an adult staff member and seeing a student though (again, please look for the appropriate email address pattern).

Hopefully, this will be one more clue to assist all of our users.

We are working on implementing some other features to assist in identifying staff and students.

*Please note that this is still rolling out and not all students will have the prepended “Student:” yet. We are not sure how long the sync will take.

Privately shared Google files and Anonymous User

 Interesting “bug”

Did you know that if you share a file privately with a known collaborator and they open the file twice, it may appear as if an external anonymous user is accessing the file?  When we found this strange behaviour, we reported it to Google and got this response…
‘In some cases, when a collaborator opens the same file in two different instances, one of the open sessions may show up as an anonymous user. For example, if a user opens a file on their desktop computer, as well as in a mobile device, the oldest session may be shown as an anonymous user’
So now you know … no need to panic.

Document and Calendar Sharing

Every once in a while, life provides opportunities to test our patience, our learning and our troubleshooting skills. We’ve discovered another of these opportunities.

Essentially, we had a database file go asunder. This file syncs with our Google Groups. We were able to locate the database and recreate it. The file sync was rerun. However, the groups ended up being recreated.

The end result of this is that the groups are now “new”. They have the same names. They have the same individuals in them. However, they now have new identifier numbers. These new identifier numbers are crucial.

Calendar Items and Documents that are shared will most likely need to be shared again.

The exceptions are calendars and documents that are public. These will remain public. We have put some additional procedures in place so that we can maintain the same identifiers should this ever happen again.

Until our next learning opportunity…
