Be on the alert for a suspicious email purportedly sent from “email@example.com” with the subject line “Web Mailbox”.
This is a confirmed phishing message, designed to trick you into divulging your username and password. If you find a copy of this message in your spam quarantine, please ignore it. If you find a copy of the message in your inbox, please delete it.
If you find this message in your spam quarantine, do not release it. It will be deleted automatically in the next few days. Do not click on the links in the message or reply to the message.
For more information about phishing attacks, please visit http://go.middlebury.ed/phishing.
For more information about the spam quarantine, please visit http://go.middlebury.ed/spam.
Be on the alert for a suspicious email *purportedly sent* from “Public Safety” with the subject line “You have 1 Unread mail!”. This is a confirmed phishing message, designed to trick you into divulging your username and password. If you find a copy of this message in your spam quarantine, please ignore it. This message was not sent from Middlebury’s Department of Public Safety, but was cleverly constructured to look like it was. If you find a copy of the message in your inbox, please delete it. Do not click on the links in the message or reply to the message.
For more information about phishing attacks, please visit http://go.middlebury.edu/phishing.
For more information about the spam quarantine, please visit http://go.middlebury.edu/spam.
ITS is relaying to our campus customers an Alert from the US Computer Emergency Readiness Team about Quicktime on Windows.
Apple has “deprecated” the Quicktime program and is calling for computer users to uninstall the program. Since this is a security risk, ITS has removed Quicktime on campus computers and replaced it with the VLC program which has been identified as a proper replacement. Many computers on campus already have VLC installed. Adobe is working on some patching of their products which may still depend on Quicktime. Please let us know if you run into any troubles with programs you use here on campus, by contacting the helpdesk (firstname.lastname@example.org) or creating a helpdesk ticket.
Thank you for your part in keeping our campus safe and secure.
Warning! Over the past couple of days Middlebury College has been the target of a well-crafted phishing campaign. Phishing messages are email messages designed to trick you into divulging your username and password. In this case, the phishing messages were written so that they looked like they were sent from Middlebury’s Department of Public Safety. An example of this phishing message is included below.
Middlebury’s email system was able to filter the vast majority of these phishing messages, delivering them into each recipient’s Spam Quarantines. Even with this protection, however, a few individuals released the messages from their quarantines, opened the messages, and clicked on the phishing links therein.
Always use caution with quarantined messages. The quarantine is specifically designed to protect you from phishing attacks crafted to trick you into divulging your Middlebury account username and password. If you have any questions about a quarantined message, contact the Help Desk or send a note to email@example.com. We would be glad to help.
Sample Phishing Message:
For more information on phishing please visit http://go.middlebury.edu/phish. For additional details about spam filtering and the spam quarantine, please review Spam Filtering at Middlebury.
It is important for each of us to be aware of the increasing security risks to our increasingly connected lives. From laptops and tablets to smartphones and wearable technology, and 24/7 access to our personal data, the risk of sensitive information being exposed is very real.
Travel with, save, or record ONLY the data that is necessary and essential. Always redact or remove unnecessary sensitive data. Always keep your data backed-up and encrypted, when possible.
Add a passcode to your cell phone, tablet, or laptop right now! iOS devices automatically encrypt your data once a passcode has been set. Android devices can encrypt your data with a few minor settings changes.
- Use Strong & Unique Passwords or Passphrases:
Especially for online banking and other important accounts.
- Use Multi-Factor Authentication when available:
Middlebury is introducing MFA for O365 and other services in 2016. Use MFA wherever possible.
- Check Your Social Media Settings:
Review your social media security and privacy settings frequently. Enable MFA whenever possible. Keep your social media accounts current or close them.
Stay informed about the latest technology trends and security issues such as malware and phishing. Visit http://go.middlebury.edu/infosec for more information. For targeted training visit: http://go.middlebury.edu/infoseced .
Contact ITS – Information Security at firstname.lastname@example.org to set up a training session for your department.
The migration of Middlebury’s email services to Microsoft’s Office 365 cloud environment is well underway. As of Friday, August 26th, we have moved 87% of all mailboxes to the cloud. Thank you so much for the help and feedback to date, it wouldn’t be possible without your support. The migration schedule can be found at http://go.middlebury.edu/cloud, updated daily.
For those of you that use Exchange Public Folders for departmental calendars, etc., we have an update. Public Folders will be unavailable for access from Tuesday, August 30th through Noon EST on Wednesday, August 31st. Public Folders are handled differently from mailboxes in Microsoft Exchange, and because of that difference they will be unavailable during their migration to the cloud.
When they are available again on August 31st, some users may need to re-open the Public Folders they normally access. We apologize for any inconvenience this may cause.
Here are the instructions for Outlook 2016 for Windows:
In Outlook, press Ctrl-6 to open the Folder View. You should see something like this:
To add a public folder to your Favorites, right-click the folder, then select Add to Favorites…. You should now be able to access it whenever you need it, including in the Calendar screen under “Other Calendars.”
Thanks again for your support and understanding. Please contact the Helpdesk with concerns or issues.
Please join me in welcoming Mike Schuster back to Information Technology Services. Mike will be returning to ITS effective Monday August 29th, 2016. Mike will continue in his current role as the Salesforce Administrator/Developer in support of the college’s Saleforce related initiatives.