March 2021 Technology Newsletter

By: Michael Kealy

Lightspeed Parent Portal

To support strong communication with students' families, Lightspeed has introduced a new resource available to parents which we deployed at the beginning of March.


Lightspeed Parent Portal
On-demand visibility for parents into their children's online activity adds to the measures you've taken to protect your students.

  • Automate weekly emails to parents with an overview of their student’s online activity for the past 7-days
  • Enable parents access to the Parent Portal for deeper insights into their student's browsing behavior, including dates, times, and clickable links to pages and sites visited.
  • Allow parents to pause internet browsing during after-school hours

Set up Google Meet breakout rooms ahead of meetings in Google Calendar

Quick launch summary

You can now set up Google Meet breakout rooms in advance on Google Calendar. This makes it easier for teachers and meeting facilitators to prepare for differentiated learning, be thoughtful about group dynamics and avoid losing valuable time setting up breakout rooms during the call.


Google previously announced this feature at Learning with Google, and it is now rolling out to customers.


Resource

Sign in to RSVP via hyperlinks in Google Calendar email invitations

Quick launch summary

In order to prevent unauthorized users from responding on your behalf to Google Calendar event invitations, Google will now require you to be logged in to use any of the RSVP hyperlinks in invite emails. Previously, organizers or anyone with a specific invitee's invitation copy could respond on behalf of that invitee.


If a user is not logged in, they will be asked to sign in to their Google Account. Note that this only applies to users with a Google account.


Resources


Safe Schools is Rebranding to Vector Solutions


  • The SafeSchools Training product that Beacon City School District uses for our online staff training is getting a new name. The new product name will be Vector Training, K-12 Edition.


    The product itself is not changing, and you will continue to have access to the same training site. Your current process for logging in to complete your assigned training will not change. You will continue to login as you always have at https://beaconcityk12-ny.safeschools.com/login

  • There will be no disruptions to any current training assignments or reporting of your completed training https://beaconcityk12-ny.safeschools.com/login

  • When users log in to our SafeSchools Training after 3/24/21, they will see a new logo.

Increased Cybersecurity Warnings March 2021

Just 2 weeks into the month of March I have seen an increase in the number of cybersecurity warnings the district typically receives from the FBI, CISA, DHS, NYSED, and other sources. With the increase in warnings I am encouraging you to be vigilant for suspicious emails.


Be wary of clicking links and/or attachments in emails from senders you do not know. Every user is the first line of defense against an attack, essentially your account access can open the door to our network to friend or foe.


Below are several relevant articles and warnings that my department and I have received in the last month.

Be Smart! Don't Click On Suspicious Email Links and Attachments

The Department of Homeland Security warned of a heightened ransomware threat against K-12 schools in just December, saying educational institutions represent a ripe target for hackers seeking to extort victims for financial gain. Over half of all ransomware attacks against state and local government entities reported in the last several months of 2020 impacted K-12 school systems, according to the alert.

BEWARE: Vehicular Traffic Infringement Phishing Scheme

CISA and FBI are aware of recent attacks that use phishing emails, claiming to contain proof of a traffic violation, to steal sensitive information. The phishing emails contain links that redirect to a website hosted on a compromised server that prompts the victim to click on photo proof of their traffic violation. In clicking the photo, the victim unknowingly downloads a malicious JavaScript file that, when opened, automatically communicates with the malicious actor’s command and control server to download TrickBot to the victim’s system.

Social Security Scam Using Fake Government Badges

The Social Security Administration (SSA) Inspector General has issued a fraud advisory warning the public of a phone scam that “deceives people into sending money or personal information.” The scammers may text or email photos of fake government badges as proof of their authenticity.


The SSA provided the following list of actions in the fraud alert that they would never take:

  • text or email images of an employee’s official government identification
  • suspend your Social Security number
  • threaten you with arrest or other legal action unless you immediately pay a fine or fee
  • require payment by retail gift card, wire transfer, internet currency, or mailing cash
  • promise a benefit increase or other assistance in exchange for payment
  • send official letters or reports containing your personal information via email

The SSA advises the public to report Social Security fraud through their website: https://oig.ssa.gov./

More information on this Social Security scam:

SSA Fraud Advisory: SSA Inspector General: New Tactics for Government Imposters

Dark Reading: New Social Security Scam Spoofs Government Badges

See Below How Trickbot A Malicious Software Infiltrates A Network. Initial Access Starts With Phising The Average User.

Big picture