Hello Middlebury Google Apps users,

While this is NOT a phishing message, it does relate to the general topic of phishing as it pertains to Middlebury’s Google Apps live pilot instance. Please read on for important information.

As you may be aware, LIS recently sent an email message to all students about an increase in the number of successful phishing attempts that are targeting middlebury.edu email addresses. In order to limit the number of compromised accounts from this most recent wave of phishing attempts, students were required to change their Middlebury password. This action has greatly reduced the number of compromised accounts, which is good!

However, we also discovered that a behavior of the Google Drive/Docs service may be causing our users to believe that certain fraudulent web forms, (such as the example screenshot below), are legitimate because the URL appears to be within our Middlebury Google Apps instance, to authenticated users.

These are NOT legitimate web forms! As standard practice, LIS does NOT request the type of information shown in the example below via Google web forms. Additionally, Google has advised that security improvements to the Google Drive/Docs service will soon be introduced to address this problem.

If you suspect that you may have recently provided your Middlebury credentials to a fraudulent Google web form, you should immediately reset your password at go/activate and then contact the Helpdesk.

If you become aware that your Middlebury account has been disabled, you must contact the Helpdesk to resolve.

It is also important that community members keep themselves informed about these types of information security threats and be vigilant about protecting their credentials and personal information. More information about safe computing practices is available at go/infosec.

EXAMPLE OF FRAUDULENT GOOGLE WEB FORM

MIDD-PHISH-WIN7-IE-400