What to do if Phished

What to do if you fall victim to a phishing attack:

  1. Reset all of your passwords
  2. Disconnect your computer from the network
  3. Contact the Helpdesk at 802.443.2200

The Helpdesk will guide you through any additional steps that should be taken to protect your information and determine an appropriate course of action to resolve the issue.

Phishing Mailbox

Please forward all suspected phishing email to phishing@middlebury.edu.

This mailbox is monitored and provides a quick-action resource for responding to phishing attempts. Please report any suspect email messages to it.

What is Phishing?

Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication, such as an email message.

Check out:

http://www.phishing.org/

http://www.onguardonline.gov/phishing

http://www.microsoft.com/security/online-privacy/phishing-symptoms.aspx

Facts about Phishing!

  • It is estimated that 156 million phishing emails are sent every day.
  • Only 16 million of those emails make it through spam filters.
  • Of the emails that make it, 8 million of them are opened.
  • In those opened emails, 800,000 links are clicked.
  • Of the people who clicked the links, 80,000 fall for a scam and share their personal information.

The information collected through successful phishing attacks can result in stolen identities, financial loss, credit card frauds, and other internet scams.

In the end, these phishing emails hook about 80,000 victims a day. These resources can help you avoid becoming a phishing victim!

How do I Spot a Phish?

Are you wondering how to spot a phishing attempt? Here are some basic things to look for:

  • Spelling mistakes: Many phishing attacks originate from countries where English is not the native language, thus it is common to find spelling errors in phishing messages.
  • Unknown sender: Phishing messages often claim to be from a person or entity that may seem familiar, but the email address or the actual name used does not match. For example, you might get an email from 'Middlebury Email Support' with an email address of 'XSD@123.com'. In this example, Middlebury does not have an "Email Support" department, and our official email addresses use the domains MIIS.edu or Middlebury.edu.
  • Links: Make sure to check links in email messages before clicking on them. When you hover over a link in an email message, most email clients will display the URL or destination address that the link points to. If you suspect that the destination address might be malicious, do not click the link! If the email in question appears to be from a vendor, it may be wise to manually browse to a vendor's home page or search for the vendor through Google or your favorite search engine, rather than to trust the link in a suspect email message.
  • Content: Be suspicious of any email that promises to give you money or asks for money. Never give out passwords or personal information that have been solicited through email. Some vendors (such as legitimate financial institutions) may instruct you to contact their customer service department through a phone number that you already have. Remember, Middlebury ITS staff never ask you for your passwords!

How do I Protect Myself from a Phish?

Remember...

  1. ITS will never ask for your user credentials in an email.
  2. If you find yourself on any web page that is asking for credentials, always verify that the address in your web browser’s address bar is where you really want to be. Just because a web page has the Middlebury logo does not mean it is always a Middlebury web site.

To protect yourself against phishing emails, practice the following:

  1. Never click on any links in a suspicious email.
  2. If you ever receive an unsolicited email and you do not recognize the sender, delete the message.
  3. If you receive an email that requests your credentials or asks you to click a link which takes you to a web site that requests your credentials, do not click the link but rather go to the web site through the institution home page, Middlebury.edu for example.
  4. If you suspect an email is fraudulent, delete the message.
  5. If you ever have questions regarding phishing or the content of an email, call the Helpdesk at x2200.

How Does Phishing Impact Middlebury?

During the past few years, a dramatic increase in the number of successful phishing attacks has resulted in compromised Middlebury user accounts. These compromised accounts are usually leveraged to generate large amounts of outgoing spam email, and in some cases attackers attempt to connect to Middlebury's network with the phished user credentials.

Remember, phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication, such as an email message.

What Does a Phish Look Like?

Phishing messages are very well crafted. Make sure you read all emails from top to bottom to check for any clue that it might be phishy.

Password Reuse

Password reuse is an attack method where attackers use credentials obtained from one breached service against a different service. You may remember that:

  • Dropbox - 2012
  • LinkedIn - 2012
  • Yahoo - 2014

all experienced large data breaches exposing millions of usernames and passwords. Many of those credentials appear to have been leveraged against Middlebury's network, because individuals had used the same password for those accounts as they did for their Middlebury account. A strong defense against a password reuse attack includes two steps:

  1. Always use a unique password for each account. While this may be cumbersome, tools such as 1Password or LastPass can help to manage your many passwords.
  2. Employ Multi-Factor Authentication whenever possible. Learn more about MFA at http://go.middlebury.edu/MFA.