Original Phishing Message
From: adriana.gloria[@]austinisd[.]org
Subject: ASSESSMENT REPORT FOR ALL STAFF MEMBERS 2024
Where Did the Link Lead?
The email contained a PDF attachment containing a link to Jotform.
The form asks for email and password.
Tips for Detection
- Notice that the sender email address was from outside the university. Legitimate emails from Human Resources will likely come from hr@pugetsound.edu.
- Notice the language of urgency in the message.
- Always use caution with attachments you are not expecting as they can contain malware. Attachments or Google/OneDrive documents that only contain a link to another site are typically a sign it is phishing.
- Never enter your password or sensitive information on forms like Google Form, Jotform, Survey Monkey, Qualtrics, etc. Though these are all legitimate services, the password you enter will go to whoever created the form.
Text of Phishing Message
From: adriana.gloria[@]austinisd[.]org
Subject: ASSESSMENT REPORT FOR ALL STAFF MEMBERS 2024
Hope this email finds you well.
I am pleased to inform you that the HR DEPARTMENT has recently finalized the Assessment Report for all Staff Members. It is imperative that you treat this matter with urgency.
Attached below, you will find the relevant file that contains your individual assessment report. Please kindly find and open the file to access the information.
Thank you for your prompt attention to this matter.