@MiddInfoSec: “Middlebury College!” A Well Crafted Phishing Attack Looks to Come from the College

Over the past couple of days Middlebury College has been the target of a well-crafted  phishing campaign. Phishing messages are email messages designed to trick you into divulging your username and password. In this case, the phishing messages were written so that they looked like they were sent from Middlebury’s Department of Public Safety. An example of this phishing message is included below.

Middlebury’s email system was able to filter the vast majority of these phishing messages, delivering them into each recipient’s Spam Quarantine. Even with this protection, however, a few individuals released the messages from their quarantines, opened  the messages, and clicked on the phishing links therein.

Always use caution with quarantined messages. The quarantine is specifically designed to protect you from phishing attacks.  If you have any questions about a quarantined message, contact the Help Desk or send a note to phishing@middlebury.edu. We would be glad to help.

Sample Phishing Message:

phish-1062016

For more information on phishing please visit http://go.middlebury.edu/phish. For additional details about spam filtering and the spam quarantine, please review Spam Filtering at Middlebury.