Original Phishing Message
From: gcooper[@]teaneckschools[.]org
Subject: Staff Report
Tips for Detection
- Notice that the email is not from an @pugetsound.edu email address. Legitimate emails from Human Resources will come from an @pugetsound.edu email address.
- Notice the false sense of urgency in the text of the message, such as “immediate review.”
- Notice the odd and generic salutation of “Dear Staffs.”
- Always investigate links before clicking on them. Once you are on a website, double-check the URL to ensure it is a trusted site especially if it is asking you to enter your password.
Where did the link lead?
The link led to a form on Jotform designed to look like a fake login page to steal your password. Never enter sensitive information on web-based forms even if it is hosted on a legitimate service like Google Forms or Jotform.
Text of Phishing Message
From: gcooper[@]teaneckschools[.]org
Subject: Staff Report
Dear Staffs,
We’re sharing the updated 2024/25 staff assessment report. Your assessment is included in this report. Immediate review is important. We value your contribution.
Best Regards,
HR Department.
CLICK here to view this report.