GO/phish

Early this morning, Middlebury experienced another email phishing attempt. The email message read like this:

— Message Start —

Warning !!!

Web administration has noticed your email was logged in in another location we advised that you change your PASSWORD to submit your new information CLICK HERE

Thank you for using our email.

Copyright ©2013 Email Helpdesk Centre.

— Message End —

Had you followed the CLICK HERE link in the phishing email, you might have seen another fraudulent Google form asking for your account credentials and other personal information.

Be advised that Google recently implemented security improvements to the Google Drive/Docs service that blocked the fraudulent form almost immediately. In addition, controls were enabled on our systems to block any additional matching messages from being delivered.

Still, if you suspect that you may have recently provided your Middlebury credentials to a fraudulent Google web form, you should immediately reset your password at go/activate and then contact the Helpdesk. If you become aware that your Middlebury account has been disabled, you must contact the Helpdesk to resolve.

It is important that community members keep themselves informed about these types of information security threats and be vigilant about protecting their credentials and personal information.

More information about safe computing practices is available at go/infosec and remember that you can report phishing attempts to phishing@middlebury.edu.