Original Phishing Message

Tips for Detection

• Technology Services adds a “Caution” banner at the top of email messages that match patterns of previous phishing attacks. If you see this banner, please use extra caution. Note that the absence of the banner does NOT necessarily mean an email is safe.
• Normally, Zoom meeting invitations are sent from the email account of the meeting host as opposed to a generic email address.
• The email address in this phishing attempt was “spoofed” which means it was forged to appear like it originated from noreply@pugetsound.edu. The presence of the “Caution” banner should indicate that something is off.

What does a legitimate Zoom meeting invitation look like?

Below is a screenshot of an example Zoom meeting invitation that is legitimate. Remember that Zoom meeting links created within the university will begin with https://pugetsound-edu.zoom.us.

Text of Phishing Message

Dear [username]@pugetsound.edu
You received a video conferencing invitation.
Review invitation.