Tag Archives: @MiddInfoSec

Information Security Alert: New Phishing Technique Being Exploited

Ref: https://www.wordfence.com/blog/2017/01/gmail-phishing-data-uri/

What you need to know

A new highly effective phishing technique targeting Gmail and other services has been gaining popularity during the past year among attackers. Over the past few weeks there have been reports of experienced technical users being hit by this. This attack is currently being used to target Gmail customers and is also targeting other online services.

[Basically, the location bar of your web browser is used to trick you into disclosing your account credentials by displaying an actual login page’s URL that is prefaced by something sneaky.]

How to protect yourself against this type of phishing attack

You have always been told: “Check the location bar in your browser to make sure you are on the correct website before signing in.” To protect yourself against this new phishing technique, you need to change what you are checking in the location bar. Read more…

[Please read the article posted on WordFence.com for the complete story. Also note that while Middlebury has a Google Apps for Education (or G-Suite) instance, our sign-in page is a Middlebury-branded and not a Google-branded. Still, this is important info for protecting your personal Gmail account and other services that this technique may try to exploit.]

 

InfoSec Alert: Fake “Microsoft Tech Support” Telephone Calls

Please note,

Several members of the Middlebury community have recently reported receiving fake “Microsoft Tech Support” telephone calls. These calls are scams. Microsoft does not make unsolicited phone calls to help you fix your computer.

If you receive a call from someone claiming to be from “Microsoft Technical Support” (or a similar sounding organization), hang up. The con artists on the other end of the line are trying to trick you into installing unwanted and potentially malicious software on your computer or disclosing your account credentials.

Again, Microsoft’s support organization does not initiate contact with customers. If you receive a call from someone claiming to be from Windows Support or Microsoft Tech support, just hang up on the call.

For more information on how to avoid telephone support scams, please see
Microsoft Safety & Security Center: Avoiding technical support scams.

@MiddInfoSec Phishing Alert: don’t fall for “FW: VERIFY” scam email

Be on the alert for a suspicious email purportedly sent from an internal sender with the subject line “FW: VERIFY”. This is a confirmed phishing message, designed to trick you into divulging your username and password. Do not click on the links in the message or reply to the message. If you find a copy of the message in your inbox, please delete it. If you find a copy of this message in your spam quarantine, please ignore it and do not release it. The message will be deleted from your quarantine automatically in the next few days.

For more information about phishing attacks, please visit http://go.middlebury.edu/phishing

For more information about the spam quarantine, please visit http://go.middlebury.edu/spam

@MiddInfoSec Phishing Alert: don’t fall for “RE: all mail-box Web App ” scam email

Be on the alert for a suspicious email purportedly sent from “Jailina.Miranda@microchip.com” with the subject line “ RE: all mail-box Web App “. This is a confirmed phishing message, designed to trick you into divulging your username and password. Do not click on the links in the message or reply to the message. If you find a copy of the message in your inbox, please delete it. If you find a copy of this message in your spam quarantine, please ignore it and do not release it. The message will be deleted from your quarantine automatically in the next few days.

 

For more information about phishing attacks, please visit http://go.middlebury.edu/phishing. For more information about the spam quarantine, please visit http://go.middlebury.edu/spam.

@MiddInfoSec Phishing Alert – “To All Faculty/Staff” messages are confirmed phishing attacks.

Be on the alert for suspicious emails purportedly sent from tom.carrick@na.exide.com” with the subject line “To All Faculty/Staff“. These are confirmed phishing messages, designed to trick you into disclosing your Middlebury credentials. Do not click on the links in the message or reply to the message. If you find a copy of the message in your inbox, please delete it. If you find a copy of this message in your spam quarantine, please ignore it and do not release it. The message will be deleted from your quarantine automatically in the next few days.

For more information about phishing attacks, please visit http://go.middlebury.ed/phishing

For more information about the spam quarantine, please visit http://go.middlebury.ed/spam

@MiddInfoSec Phishing Alert – “Security Alert!!” and “Campus Security Announcement!” messages are confirmed phishing attacks.

Be on the alert for suspicious emails purportedly sent from “juan.lopez@mail.mcgill.ca” with the subject lines “Security Alert!!“ and “Campus Security Announcement!”. These are confirmed phishing messages, designed to trick you into disclosing your Middlebury credentials. Do not click on the links in the message or reply to the message. If you find a copy of the message in your inbox, please delete it. If you find a copy of this message in your spam quarantine, please ignore it and do not release it. The message will be deleted from your quarantine automatically in the next few days.

For more information about phishing attacks, please visit http://go.middlebury.ed/phishing

For more information about the spam quarantine, please visit http://go.middlebury.ed/spam

@MiddInfoSec Phishing Alert: don’t fall for “Thammasat Great Journal, Thailand” scam email

Be on the alert for a suspicious email purportedly sent from “thammasat@goconnext.com” with the subject line “Thammasat Great Journal, Thailand“. This is a confirmed phishing message, designed to trick you into downloading a malicious file. Do not click on the links in the message or reply to the message. If you find a copy of the message in your inbox, please delete it. If you find a copy of this message in your spam quarantine, please ignore it and do not release it. The message will be deleted from your quarantine automatically in the next few days.

 For more information about phishing attacks, please visit http://go.middlebury.edu/phishing. For more information about the spam quarantine, please visit http://go.middlebury.edu/spam.

12122016-phish

@MiddInfoSec Phishing Alert: don’t fall for “UPDATE YOUR ACCOUNT” or “UPDATE YOUR MAIL BOX” cam email

Be on the alert for a suspicious email purportedly sent with the subject line “UPDATE YOUR ACCOUNT” or “UPDATE YOUR MAIL BOX”. This is a confirmed phishing message, designed to trick you into divulging your username and password. Do not click on the links in the message or reply to the message. If you find a copy of the message in your inbox, please delete it. If you find a copy of this message in your spam quarantine, please ignore it and do not release it. The message will be deleted from your quarantine automatically in the next few days.

For more information about phishing attacks, please visit http://go.middlebury.edu/phishing.

For more information about the spam quarantine, please visit http://go.middlebury.edu/spam.

 

Example Message:

20161122updateyouraccount