Posts by Ian Burke


Security Notice: Typosquatting

Categories: Midd Blogosphere

Middlebury Information Security received information that fraudulent emails are being sent from a malicious domain, “”, to businesses that might provide equipment and supplies to Middlebury College.

The suspicious emails are crafted such that they appear to come from actual Middlebury College employees, though the contact information provided includes incorrect telephone numbers and email addresses.

Note that suspected bad actors are using a typosquatting technique – there are two R’s in “”, and Middlebury’s domain name ends in .edu, rather than .org.   Those details, however, are perhaps an easy thing to miss, especially at a quick glance.     ​

Efforts are underway to takedown the domain, and to suspend the domain holder’s email service.

Please contact with questions.

Security Notification: Ransomware Delivered Through Phishing Attacks

Categories: Midd Blogosphere

A year ago the Internet saw a rash of malware known as ransomware. This malicious form of cyber attack is known for infecting a computer and encrypting a drive. The victim is then unable to recover their data until paying a ransom to the attacker. Middlebury, like many other institutions was not immune to this form of attack.

A week ago the FBI announced a new variant on a common form of these attacks known as CryptoWall. This form of ransomware is known to have four methods of infecting a computer.

  • Phishing: the attacker may lure a victim into downloading an infected attachment through a phishing campaign and thereby compromising the drive on their system.
  • Phishing: the attacker lures the victim into clicking on a link to a malicious web site where the victim unknowingly downloads the malicious software onto their system and compromises their drive.
  • Infected ad: the attacker posts and infected ad on a website which a user might click thereby causing the download of malicious software.
  • Compromised website: the attacker compromises a website so when a user visits the website they unknowingly download malicious software and compromise their system.

According to the FBI, by far the most common method of attack is phishing, particularly with attachments in the message.

What you can do to protect yourself:

  • Never open attachments or click links in emails that you do not recognize or trust.
  • Know what a phishing attack is and how to spot one. visit or
  • If you think you have fallen for a phish change your password. then call x2200
  • If you believe you system is compromised, unplug it from the power and the network. Shut it down immediately. Do not worry about saving your work. then call x2200.
  • Backup your data routinely. If you save your data to Middfiles or your home directory it will be backed up automatically.
  • Never disable your antivirus software.
  • Send any suspect emails to
  • Only download software from known vendor sites.
  • Don’t click on ads in web sites. Visit vendor websites directly.


Cyber Security Awareness Month Event Today

Categories: Midd Blogosphere

Just a reminder that LIS and the LIS Security Team are hosting a day of speakers starting at 9:00 in McCullough Social Space. Come enjoy the event and learn how to protect yourself against cyber threats. more information at

Cyber Security Awareness Month

Categories: Midd Blogosphere

Come listen to experts from across the State speak on new technologies and security topics that impact all of us in our daily lives. Learn how you can fall victim to identity theft. Hear how Google Glass could be the next great technology wave and the next great technology threat. This full day event in Middlebury’s McCullough Social Space will run from 9:00 AM to 4:00 PM on October 9th. For more information please visit

Open RoadShow on Information Security

Categories: Midd Blogosphere

LIS Information Security and the LIS Security Team will be hosting a lunch time RoadShow on information security and basic ways to protect yourself while working on Internet connected computers. This discussion is open to the full College community. Please join us Aug. 28th at noon in Davis Family Library room 145. For more information please visit:

Sunday Morning Maintinance

Categories: Midd Blogosphere
This Sunday morning we will be making some modifications to our network security equipment. This will result in a couple of brief interruptions of a few minutes or less to our internet connection. This work will be completed approximately 6:30 to 7:00 in the morning EDT.

FakeAV a leading threat in 2013

Categories: Midd Blogosphere

What is FakeAV: FakeAV is a virus designed to look like real anti-virus software in the hopes that the victim will click a link and download a malicious package. The malware often does not stop there. Many FakeAV packages continue the con by disabling true anti-virus packages claiming that they are harming the system they are intended to protect. These viruses come in many forms but are well crafted to present like a trusted virus prevention source.

Read more about FakeAV at: 

Learn more about security threats and awareness at