If you’re using Canvas with the Chrome browser, you need to be aware that a malicious Chrome Extension is doing the rounds as part of a current phishing scam. If installed, the extension, which goes by the name of OneClass, may send email on the user’s behalf and attempt to steal login credentials.

If you receive a communication that includes a link like the one below:

https://chrome.google.com/webstore/detail/oneclass-easy-invite/   followed by a string of random letters

DO NOT CLICK ON THE LINK!

If you receive an email along the following lines:

"Hey guys, I just found some really helpful notes for the upcoming exams for <University Name> courses at https://oneclass.com/s/signup.  I highly recommend signing up for an account now that way your first download is free!"

DO NOT CLICK ON THE LINK!

If you see a button inside Canvas that says:

“Invite Your Classmates to OneClass”

DO NOT CLICK ON THE BUTTON!

As always, if you receive any invitation to click on something you’re not familiar with, there is only one sensible response – don’t click. Phishers rely on people doing things automatically and without thinking – don’t be that person.

If you have questions about this or any other security issue, please don’t hesitate to contact information security at x3815 or the technology help desk at x3457