Tag Archives: Middlebury Community Interest

Update on New York Times access

You may be aware that we’ve had an access problem with the New York Times web site over the past few months. The short version of the issue is that SGA was providing online access until NYT discontinued that program…which no one on campus realized until our access ceased (there’s more detail in this Campus article). The Times’ new program is extremely expensive, and the library’s funding for this fiscal year was set last year. Partial access is still available; would that full access were, and we wish an immediate solution were at hand. We haven’t given up, though, and are still working on the problem. Please feel free to contact Douglas Black, Head of Collections Management, for more information.

ILLiad scheduled upgrade and down-time

The ILLiad Web pages will be down at 9:00 am on Tuesday 1/8/19 while we upgrade the ILLiad software.  The ILL web site should be inaccessible for only a short time, assuming all goes well with the update.

If anyone has problems after 2:00 pm please contact Rachel Manning at x5498 or rmanning@middlebury.edu for assistance.

SCAM Alert – “Sextortion” Scam Emails

ITS is aware of an influx of sextortion scam emails received by members of the Middlebury community. These are indeed scams, identified as such by online security sources (see below) and making the rounds on the Internet once again. Recent samples have been personalized with older passwords stolen from breaches of third-party websites, such as Linkedin, Adobe, etc..

Please forward any sextortion scam emails to phishing@middlebury.edu so that the sender addresses can be blocked!

For more information on these sorts of scams, see:

https://krebsonsecurity.com/2018/07/sextortion-scam-uses-recipients-hacked-passwords/comment-page-13/
Excerpt: “The message purports to have been sent from a hacker who’s compromised your computer and used your webcam to record a video of you while you were watching porn. The missive threatens to release the video to all your contacts unless you pay a Bitcoin ransom. The new twist? The email now references a real password previously tied to the recipient’s email address.”

These are indeed scams. Recent samples have been personalized with older passwords stolen from breaches of third-party websites, such as Linkedin, Adobe, etc..

Here is a resource to help you find out where an old password to a 3rd party site may have been exposed: https://haveibeenpwned.com is run by Troy Hunt, a globally recognized security expert.

Check your email address here: https://haveibeenpwned.com (use your_username@middlebury.edu and then scroll down to see services where your username may have been part of a breach)

Check your password here: https://haveibeenpwned.com/Passwords

Change that password anywhere you use it and this time, pick a different STRONG password for each service.

Again, please forward any sextortion scam emails to phishing@middlebury.edu so that the sender addresses can be blocked from bothering our community members!

Faculty: Are you grading research papers…

…and hoping they’ll be a little better next time? Talk with a librarian! We’d love to help you build more research and information literacy support into your spring semester classes. Our new InfoLit site describes what we do, and how it makes a difference. You’ll find assignment ideas, sample workshops, and of course, lots more prompts to talk with a librarian.

InfoLit site

“Every student who met with you commented on how that meeting focused their work and led them to search the appropriate literature quickly and effectively.”
-Faculty feedback on library research consultations for students, Fall 2018

 

Interlibrary Loan Winter Break Service Update – 2018

Books

Due to the holidays, shipping madness, the increased risk of losses, and the lack of open libraries willing to send things, the Interlibrary Loan Department limits ordering and shipping during the second half of December.

If you need anything before winter break request it now!  Interlibrary loan requests submitted to ILLiad after Dec. 15th will be ordered in early January.

ILLiad article requests will continue to be filled by RapidILL through Dec. 22st, but requests must have a valid ISSN and year to be processed by Rapid.

Use Worldcat to find your citations and submit your loan requests!

 

SCAM Alert – Gift Cards

ITS is aware of an influx of Gift Card scam emails received by members of the Middlebury community. These are indeed scams, identified as such by the FTC and other sources (see below). This variant seems to be spoofing faculty/staff members, using external email addresses from service providers like aol.com 

https://www.consumer.ftc.gov/blog/2018/10/scammers-demand-gift-cards 

https://abc7chicago.com/finance/gift-card-scam-uses-bosses-email-addresses-when-phishing/4556080/ 

https://blog.knowbe4.com/scam-of-the-week-the-boss-needs-itunes-gift-cards-for-customers…-now

Please forward any Gift Card scam emails to phishing@middlebury.edu so that the sender addresses can be blocked! Also see the How To Report Scams info below the FTC article.

From: https://www.consumer.ftc.gov/blog/2018/10/scammers-demand-gift-cards 

“Gift cards are a great way to give a gift. But did you know they are also a scammer’s favorite way to steal money? According to the FTC’s new Data Spotlight, more scammers are demanding payment with a gift card than ever before – a whopping 270 percent increase since 2015.Gift cards and reload cards are the #1 payment method for imposter scams. More scammers are demanding payment with a gift card. The percentage of consumers who told the FTC they paid a scammer with a gift card has increased 270% since 2015. Reports to the FTC say scammers are telling people to buy gift cards at Walmart, Target, Walgreens, CVS and other retail shops. 42% of people who paid a scammer with a gift card used iTunes or Google Play. Federal Trade Commission. ftc.gov/complaint. ftc.gov/giftcards

Gift cards are for gifts, not for payments. If someone calls with urgent news or a convincing story and then pressures you to pay them by buying a gift card, like an iTunes or Google Play card, and then giving them the codes on the back of the card – stop. It’s a scam.

Gift cards are the number one payment method that imposters demand. They might pose as IRS officials and say you’re in trouble for not paying taxes; or a family member with an emergency; or a public utility company threatening to shut off your water; or even a servicemember selling something before deployment. Or they might call with great news – you’ve won a contest or a prize! But to get it, you need to pay fees with a gift card. Scammers will say anything to get your money. And they know how to play into your fears, hopes, or sympathies. They like gift cards because, once they’ve got the code on the back, the money is gone and almost impossible to trace. But knowing how these scams work can help you avoid them, and you can help even more by passing on the information to people you know.

If you paid a scammer with a gift card, report it as soon as possible. Call the card company and tell them the gift card was used in a scam. Here is contact information for some of the gift card companies that scammers use most often. Then, tell the FTC about it – or any other scam – at ftc.gov/complaint. Your reports may help law enforcement agencies launch investigations that could stop imposters and other fraudsters in their tracks.”

How To Report Scams

Amazon

  • Call 1 (888) 280-4331
  • Learn about about Amazon gift card scams here.

Google Play

  • Call 1 (855) 466-4438
  • Report gift card scams online here.
  • Learn about Google Play gift card scams here.

iTunes

  • Call 1 (800) 275-2273 then press “6” for other, then say “operator” to be connected to a live representative.
  • Learn about iTunes gift card scams and how to report them here.

Steam

  • If you have a Steam account, you can report gift card scams online here.
  • Learn about Steam gift card scams here.

MoneyPak

  • Call 1 (866) 795-7969
  • Report a MoneyPak card scam online here.

Issue RESOLVED – Multi-Factor Authentication

We are pleased to report that the Multi-Factor Authentication service is restored. Microsoft reported service restoration around 2:00 PM on Monday.

Microsoft provided additional guidance stating they would continue to monitor the situation closely. We’ve been doing the same and can confirm that the MFA is working. MFA challenges are working as expected, across all verification methods.

Thank you for your patience while we worked to resolve matters. Again, we apologize for the disruption. Please contact the Helpdesk if you have any outstanding issues or questions.

Kindly,
ITS Helpdesk