Original Phishing Message

Note: If you received this message, please simply delete it as this message is not legitimate.

If you would like to prevent an email address from being able to use Google Drive to share files with you, you can block them: https://support.google.com/drive/answer/10613533.

Tips for Detection

• Notice that the individual sharing the document is outside Puget Sound.
• Notice that the name of the individual’s Google account does not match the invitation text that attempts to convey that the message is from the president. These inconsistensies should raise a red flag.
• Many phishing attempts utilize legitimate cloud collaboration services such as Google Drive, OneDrive, Dropbox, etc.
• If you’re not expecting a shared document, use extra caution before clicking on the link. Though the link does indeed go to Google Drive, the file itself may contain malware in a zip file or link to another site asking for credentials.

Text of Phishing Message

From: Becky Funderburk (via Google Drive) <drive-shares-dm-noreply[@]google[.]com>
Subject: Item shared with you: “DEPT ASSESSMENT .pdf”

BFunderburk[@]heathwood[.]org shared an item

BFunderburk[@]heathwood[.]org has shared the following item:
FWD: President Isiaah Crawford has invited you to view the following document using one drive.

DEPT ASSESSMENT .pdf

BFunderburk[@]heathwood[.]org is outside your organization.

Open

If you don’t want to receive files from this person, block the sender from Drive