Security Advisory – Malicious OneClass Chrome Extension

Students are being phished to install the OneClass Chrome Extension, which is not available directly via search in the Chrome Extensions Store.  During installation, the extension requests permissions to “Read and change all your data on the websites you visit”. However, students may not closely read or fully understand the requested permissions before accepting them. The extension adds an overlay that makes Blackboard Learn appear to have a button inside the Learn pages to “Invite Your Classmates to OneClass”. The plugin will email all the students in a students’ class (utilizing Learn URLs and resources, which are functioning as designed) to promote the OneClass plugin/product. If they see this button, then you should navigate to your Chrome settings and remove the plugin.

The email content is:

“Hey guys, I just found some really helpful notes for the upcoming exams for courses at I highly recommend signing up for an account now that way your first download is free!”

If you receive this email, please delete it and do not click on the link or respond.

If you have any questions or comments, please contact the Campus Support Center at 968-0646 or