Middlebury

 

 

What to do if Phished

What to do if you fall victim to a phishing attack:

  1. Reset all of you passwords
  2. Disconnect you computer from the network
  3. Contact the Helpdesk at 802.443.2200

The helpdesk will help you to determine whether the concern is a virus, identity theft or security concern. The difference of these issues will determine the next steps and course of action.

What is Phishing?

A form of Social Engineering, phishing is a malicious effort, often email or web based, aimed at fraudulently gaining sensitive information from targeted individuals. This information is then leveraged for acts such as identity theft, system access or other malicious activities.

Check out:

http://www.phishing.org/

http://www.onguardonline.gov/phishing

http://www.microsoft.com/security/online-privacy/phishing-symptoms.aspx

Facts about Phishing!

  • It is estimated that 156 million phishing emails are sent everyday.
  • Only 16 million of those emails make it through spam filters.
  • Of the emails that make it, 8 million of them are opened.
  • In those opened emails, 800,000 links are clicked.
  • Of the people who clicked the links, 80,000 fall for a scam and share their personal information.

The information collected through successful phishing attacks can result in stolen identities, financial loss, credit card frauds, and other internet scams.

In the end, these phishing emails hook about 80,000 victims a day, don't be one of them!

Phishing Basics

Are you wondering how to spot a phishing attack? Here are some basic things to look for:

  • Spelling mistakes: As many Phishing attacks originate in countries outside of the United States it is common to find grouse spelling errors in many of the messages.
  • Unknown sender: Phishing attacks often say they are from a department you might now but the email address or the actual name used does not match to names used here at Middlebury. For example you might get an email from the Middlebury Email Support with an email address of XSD at 123.com First there is no Middlebury Email Support  department and all of our email addresses end MIIS.edu or Middlebury.edu.
  • Links: while historically legitimate vendors would not put a link in an email, this trend is going away. Today links in emails are becoming commonplace. Make sure you check these links before clicking on them. If you point to a hyperlink in Outlook it will show you the URL or destination address that the link points to. If you question the destination then you are better off browsing to the vendors home page manually or searching for them through Google or your favorite search engine.
  • Content: Always question an email that promises to give money or asks for money. Likewise never give out passwords or personal information that have been solicited through email. Vendors such as banks identify themselves in email with unique credentials and will instruct you to contact customer service through a number that you already have. Likewise Middlebury User Services or other representatives of Middlebury’s Library and Information Services would instruct you to contact the Helpdesk rather than solicit information directly from you through an email.

Phishing Mailbox

Please forward all suspected phishing email to phishing@middlebury.edu. This mailbox will be monitored for suspected phishing attempts and used to collect samples of phishing attempts against Middlebury. Those that we are able will be blocked may be manually added to our filters. Please note that most phishing attempts sent to the college are blocked automatically by our SPAM filters.

Phishing at Middlebury

We have recently experienced a dramatic increase in the number of successful phishing attacks that resulted in Middlebury user accounts being compromised. A phishing attack is the effort of maliciously using email or a web site to try to unwittingly gain information about another individual. These recent attacks resulted in two distinct outcomes. The first was that many of these accounts were leveraged to generate large amounts of spam. The second result from these compromised accounts is that the attackers attempted to connect to the Middlebury network with the exposed user’s credentials.

This past week many individuals across our campus received an email that looked similar to the one below:

Message with “Middlebury” as the display name

From: Middlebury College
Date: April 29, 2013, 20:30:47 EDT
To: Undisclosed recipients:;
Subject: Account Update
ACCOUNT NOTIFICATION You have 1 new message Click here to read © Middlebury College

The link in this message redirected people to copy of the Middlebury CAS Logon page. Two important things to know about email from Middlebury IT Services. First, Library and Information Services will never ask for your user credentials in an email. Second, if you find yourself on any web page that is asking for credentials, always verify the address in your web browser’s address bar, to ensure that the web page is where you really want to be. Just because a web page has the Middlebury logo does not mean it is always a Middlebury web site.

To protect against phishing remember the following rules:

  1. Never click on any links in a suspicious email.
  2. If you ever receive an unsolicited email  and you do not recognize the sender delete the message.
  3. If you receive an email that requests your credentials or asks you to click a link which takes you to a web site that requests your credentials, do not click the link but rather go to the web site through the institution home page, Middlebury.edu for example.
  4. If you suspect an email is fraudulent delete the message.
  5. If you ever have questions regarding phishing or the content of an email call the Helpdesk.

The Helpdesk will help you determine if the email is legitimate. Please do NOT click on any links in a suspect email message.

If you suspect that you may have recently provided your Middlebury credentials to a fraudulent web site or email address, you should immediately reset your password at go/activate and then contact the Helpdesk.

If you become aware that your Middlebury account has been disabled, you must contact the Helpdesk to resolve.

More information is available at the Middlebury College Information Security web site at go/infoSec or contact the InfoSec office at infosec@middlebury.edu.

Ian Burke
Information Security Administrator
Middlebury College
infosec@middlebury.edu