Original Phishing Message

NOTE: If you received this message, simply delete it and do not click on any links. The message is not legitimate.

Tips for Detection

• Notice the maroon caution banner prepended to the message. This banner is added on messages that match patterns of other phishing attempts.
• The email is not sent from an @pugetsound.edu address.
• The entire body of the email is a hyperlinked image (instead of text) which should be suspicious. This is a method used by attackers to bypass email spam filters.
• Though the hyperlinked text appears to be for a pugetsound.edu site, hovering over the link reveals that the true destination goes to the URL securehelpinfo[.]com.
• Technology Services will not ask you to click a link to “avoid login interruption.”

Text of Phishing Message

From: mcdoashl[@]gvsu[.]edu
Subejct: UPS out of date

Your UPS account settings are out-of-date. To improve all student/faculty/staff account user experience, privacy policy update is required to avoid login interruption.

Privacy Policy Action Required now