Middlebury Information Security received information that fraudulent emails are being sent from a malicious domain, “middleburry.org”, to businesses that might provide equipment and supplies to Middlebury College.
The suspicious emails are crafted such that they appear to come from actual Middlebury College employees, though the contact information provided includes incorrect telephone numbers and email addresses.
Note that suspected bad actors are using a typosquatting technique – there are two R’s in “middleburry.org”, and Middlebury’s domain name ends in .edu, rather than .org. Those details, however, are perhaps an easy thing to miss, especially at a quick glance.
Efforts are underway to takedown the middleburry.org domain, and to suspend the domain holder’s email service.
Please contact InfoSec@middlebury.edu with questions.