Spam emails sent from school addresses

Tuesday, 25 September 2018

On the 24th September, a small number of users in school clicked a link on a malicious email and began sending a large quantity of spam emails, perpetuating the same message they had been caught by. The infection seemed to scan through the targeted inbox to get addresses, and re-used subject lines from those emails to make itself appear relevant and less suspicious.

With minor wording variations, the emails all looked like this:
If you received an email like this, do not click the link in the green box. It is not a genuine email. Following the link will only spread the infection. Please delete the email.

All copies of the email have been removed from school inboxes, and filters have been put in place to prevent the further transmission of these malicious emails in and out of school. All affected accounts have had their passwords reset, and no further emails have been sent since 10pm last night. To the best of our knowledge no data has been lost; we are continuing to investigate and will update in due course if we uncover any pertinent new information that requires disclosure.

With our apologies,
--KGGS IT department