Original Phishing Message

Tips for Detection

• Beware of document sharing links that are password-protected unless you are expecting it. Password-protecting a file encrypts it which allows the file to bypass certain malware scans.
• The message appears to be a reply to a legitimate email somebody at Puget Sound sent. Most likely, the sender’s email account is compromised and an attacker is replying to any emails in the inbox. If the subject line looks familiar, it is more likely for somebody to open the email and trust it. Don’t fall for this!
• As always, use caution with links and attachments in emails.

What happens if I clicked the link?

Clicking the link immediately downloads a file titled “my_invoice_02345.zip” onto your computer. If you open the file, it will likely ask for the numeric password. Once the file unzips, the malware contained will run on your machine. In this case, the zip file contained a Trojan malware.

If this occurred, taking the computer offline and running a full malware scan using anti-virus software would be beneficial to remove the Trojan. Further remediation might be needed.

Text of Phishing Message

I have made some edits. Please check.

https://protection[.]digireactormarketing[.]com/download/#1YMLdyqkxGcHOevCvkbUgBci18NmdSLjy

Protection password: 7777