November 2016 Phishing Attack

Many organizations have been the target of a large-scale phishing attack this November 2016.  The attack is currently on-going, and you need to know a few things to both keep yourself safe and find out if you were compromised.

How to stay safe?
If you receive an e-mail with a title saying something on the lines of "INVITATION TO ACCESS SECURE DOCUMENT" that contains a PDF with a link to a Google Login page (this page is fake but looks very real) this is fake, even if it comes from someone you know.  Do not follow it.

Was I compromised?
If you did click the link in the PDF, which looked like this (it may have looked slightly different as they are constantly changing how they attack):

And then proceeded to type in your password to a page which looked like this (note it may have looked different as they are constantly changing):

Then your account and any saved passwords have been compromised.  

Please note, if you clicked the PDF and logged into the page pictured below you are not compromised.  Our filter began blocking the link and this was our web bypass page.

If you have been compromised please reset your NUSD passwords here ( - note, only works inside of NUSD).  Additionally, visit and reset any passwords for websites shown on this page.  Anything saved here should be considered compromised as well.  If you have any questions or concerns please do not hesitate to call IT at extension 4194 (or # 510-818-4198) as soon as possible.

Larry Simon,
Nov 9, 2016, 2:32 PM
Larry Simon,
Nov 9, 2016, 2:14 PM
Larry Simon,
Nov 9, 2016, 2:34 PM