Category Archives: Helpdesk Alerts

Information Security Alert: New Phishing Technique Being Exploited

Ref: https://www.wordfence.com/blog/2017/01/gmail-phishing-data-uri/

What you need to know

A new highly effective phishing technique targeting Gmail and other services has been gaining popularity during the past year among attackers. Over the past few weeks there have been reports of experienced technical users being hit by this. This attack is currently being used to target Gmail customers and is also targeting other online services.

[Basically, the location bar of your web browser is used to trick you into disclosing your account credentials by displaying an actual login page’s URL that is prefaced by something sneaky.]

How to protect yourself against this type of phishing attack

You have always been told: “Check the location bar in your browser to make sure you are on the correct website before signing in.” To protect yourself against this new phishing technique, you need to change what you are checking in the location bar. Read more…

[Please read the article posted on WordFence.com for the complete story. Also note that while Middlebury has a Google Apps for Education (or G-Suite) instance, our sign-in page is a Middlebury-branded and not a Google-branded. Still, this is important info for protecting your personal Gmail account and other services that this technique may try to exploit.]

 

InfoSec Alert: Fake “Microsoft Tech Support” Telephone Calls

Please note,

Several members of the Middlebury community have recently reported receiving fake “Microsoft Tech Support” telephone calls. These calls are scams. Microsoft does not make unsolicited phone calls to help you fix your computer.

If you receive a call from someone claiming to be from “Microsoft Technical Support” (or a similar sounding organization), hang up. The con artists on the other end of the line are trying to trick you into installing unwanted and potentially malicious software on your computer or disclosing your account credentials.

Again, Microsoft’s support organization does not initiate contact with customers. If you receive a call from someone claiming to be from Windows Support or Microsoft Tech support, just hang up on the call.

For more information on how to avoid telephone support scams, please see
Microsoft Safety & Security Center: Avoiding technical support scams.

@MiddInfoSec Phishing Alert: don’t fall for “FW: VERIFY” scam email

Be on the alert for a suspicious email purportedly sent from an internal sender with the subject line “FW: VERIFY”. This is a confirmed phishing message, designed to trick you into divulging your username and password. Do not click on the links in the message or reply to the message. If you find a copy of the message in your inbox, please delete it. If you find a copy of this message in your spam quarantine, please ignore it and do not release it. The message will be deleted from your quarantine automatically in the next few days.

For more information about phishing attacks, please visit http://go.middlebury.edu/phishing

For more information about the spam quarantine, please visit http://go.middlebury.edu/spam

@MiddInfoSec Phishing Alert: don’t fall for “RE: all mail-box Web App ” scam email

Be on the alert for a suspicious email purportedly sent from “Jailina.Miranda@microchip.com” with the subject line “ RE: all mail-box Web App “. This is a confirmed phishing message, designed to trick you into divulging your username and password. Do not click on the links in the message or reply to the message. If you find a copy of the message in your inbox, please delete it. If you find a copy of this message in your spam quarantine, please ignore it and do not release it. The message will be deleted from your quarantine automatically in the next few days.

 

For more information about phishing attacks, please visit http://go.middlebury.edu/phishing. For more information about the spam quarantine, please visit http://go.middlebury.edu/spam.

@MiddInfoSec Phishing Alert – “Security Alert!!” and “Campus Security Announcement!” messages are confirmed phishing attacks.

Be on the alert for suspicious emails purportedly sent from “juan.lopez@mail.mcgill.ca” with the subject lines “Security Alert!!“ and “Campus Security Announcement!”. These are confirmed phishing messages, designed to trick you into disclosing your Middlebury credentials. Do not click on the links in the message or reply to the message. If you find a copy of the message in your inbox, please delete it. If you find a copy of this message in your spam quarantine, please ignore it and do not release it. The message will be deleted from your quarantine automatically in the next few days.

For more information about phishing attacks, please visit http://go.middlebury.ed/phishing

For more information about the spam quarantine, please visit http://go.middlebury.ed/spam

Unified messaging delays

For those of you who use our voice mail unified messaging option, i.e. voice mail in email inbox, we’ve discovered that since 11/22/16 there is a varying delay in receipt and notification of a message from between a few minutes to over an hour. Our vendor is troubleshooting the issue.  Voice mail users who don’t use unified messaging are not affected and continue to receive messages and notification within seconds of being left by caller.

Systems Maintenance this Sunday, December 4th, 2016

During our regular maintenance window this Sunday, December 4th, 2016 from 6 am – 10 am EST we have the following activities scheduled:

 

  • There will be brief network outages at Painter House while the building circuit is changed.
  • There will be a change to the wireless infrastructure that may require remote access points to reboot.
  • The servers hosting the Mediawiki and GO (both go.middlebury.edu and go.miis.edu) applications will be upgraded. There will be some brief service outages related to the upgrades.
  • There will be a brief network outage for offices in the 700 Exchange St building while the circuit is changed. The data center will not be impacted.

 

We appreciate your patience as we continuously strive to keep our systems functioning optimally.

 

Regards,

Billy

 

 

Billy Sneed

ITS – Central Systems & Network Services

Middlebury College