Original Phishing Message
Note: If you received this message, please delete it and do not click on any links. This email is NOT legitimate.
Tips for Detection
- Notice the banner applied to the top of the message. If you see a “Caution” banner prepended to an email message, use extra caution as it matches patterns of previous phishing attempts.
- Hovering over the link reveals a suspicious URL. Do not click on suspicious links in emails.
- The email address appears to be from a Puget Sound account, but do not be fooled!
- Technology Services will never ask you to click a link in an email to keep your password.
- General Tip – use caution whenever you are asked to log in with your Puget Sound credentials on a site that does not end with pugetsound.edu.
Where Did the Link Lead?
Notice the grammatical error on the landing page of the phishing link.
The site then poses as a fake Microsoft Outlook login page. If you enter your credentials on this page, the attacker will have obtained your password and can gain unauthorized access into your account.
Text of Phishing Message
Microsoft account
Password Expiration notice
Hello,
Your password is set to expire in 2 day(s).
We encourage you to take the time now to maintain your password activity to avoid login interruption.
Keep My Password [link removed]
Note: Microsoft will not be held responsible for any account loss
Thank you,
Copyright 2021. All Rights Reserved.