Original Phishing Message

NOTE: If you received this message, please delete it and DO NOT click on any links. This message is not legitimate.

Tips For Detection

• Notice the maroon caution banner prepended to the message. This banner is added on messages that match patterns of other phishing attempts.
• The entire body of the email is a hyperlinked image (instead of text) which should be suspicious.
• Notice the stretched Puget Sound logo, the use of “PSU”, and the outdated text of the website.
• Hovering over the image reveals that the link does not take you to a pugetsound.edu site.

Where Did the Link Lead?

The link led to a a site harrison-wells[.]mykajabi[.]com designed to collect your credentials. Never enter your username/password on sites you do not recognize. If you entered any information on this page, please contact the Technology Service Desk as your password may be compromised.

Text of Phishing Message

From: sovajen[@]gvsu[.]edu
Subject: account settings

Your PSU account settings are out of date. To improve all student/faculty/staff account user experience, privacy policy update is required to avoid login interruption.

Privacy Policy Action Required Now

Visit [link removed]