Original Phishing Message

NOTE: If you received this message, DO NOT click the link or enter any information as this email is NOT legitimate.

From: info.beththomloan[@]gmail[.]com
Subject: UNIVERSITY OF PUGET SOUND

Where Did the Link Lead?

The phishing link in the email went to a Jotform page asking for your username and password. Though Jotform is a legitimate service, many attackers utilize such platforms (e.g. Google Forms, Jotforms, Survey Monkey) to collect credentials. Never enter your credentials on a web form.

Tips for Detection

  • The sender’s email address was a gmail[.]com address. Always double-check the sender’s email address and don’t solely rely on the display name.
  • Many phishing emails attempt to impersonate university departments, such as IT or HR.
  • Official communications from the university will generally come from an @pugetsound.edu email address.
  • The email tries to induce fear that your email will be suspended. Don’t be misled by the sense of urgency!

Text of Phishing Message

From: info.beththomloan[@]gmail[.]com
Subject: UNIVERSITY OF PUGET SOUND

Hello,
Click here to verify your email to avoid being suspended.

Thank You
UNIVERSITY OF PUGET SOUND