Original Phishing Email

From: skaelin[@]ccsdli[.]org
Subject: Email Password
Subject: Email Administrator

Where Did the Link Lead?

The link led to a fake Outlook Web App login page.

Tips for Detection

• Notice the false sense of urgency (e.g. 24 hours).
• Technology Services will not ask you to click a link to “validate” your account.
• Notice the link goes to receita-medicinali-indigena[.]shop/ns/ which is not a Puget Sound website. Always hover over links and never enter your credentials on sites you do not recognize.
• Notice the sender is skaelin[@]ccsdli[.]org. Emails from Technology Services will come from an @pugetsound.edu email address.

Text of Phishing Messages

From: skaelin[@]ccsdli[.]org
Subject: Email Password

Your Email password will expire in the 24 hours, Log on to IT STAFF PORTAL​ to validate Your E-mail.

Thank You.

Web-mail Administrator.

From: skaelin[@]ccsdli[.]org
Subject: Email Administrator

Dear Valued User,

We wanted to let you know that we got your request to terminate your Outlook Webmail because of a dual college/university account. This process has begun by our administrator. You should re-verify your account if you did not authorize this action and have no knowledge of it. Please give us 24 hours to terminate your account if you initiated the request. Failure to re-verify will result in the closure of your account and you will lose all your files on these accounts.

Kindly visit IT STAFF PORTAL to re-verify and cancel the request