{"id":1176,"date":"2024-01-18T15:22:07","date_gmt":"2024-01-18T23:22:07","guid":{"rendered":"https:\/\/blogs.pugetsound.edu\/infosec\/?p=1176"},"modified":"2024-01-18T15:22:09","modified_gmt":"2024-01-18T23:22:09","slug":"phishing-from-1-11-2024-unauthorized-login-attempt-notification","status":"publish","type":"post","link":"https:\/\/blogs.pugetsound.edu\/infosec\/the-phish-tank\/1176","title":{"rendered":"Phishing from 1\/11\/2024: &#8220;Unauthorized login attempt notification&#8221;"},"content":{"rendered":"\n<p class=\"has-large-font-size\">Original Phishing Message<\/p>\n\n\n\n<p><strong>From: <\/strong>finance[@]schreiner-elektronik[.]de<br><strong>Subject: <\/strong>Unauthorized login attempt notification<br><strong>S<\/strong>u<strong>bject: <\/strong>Authorize Log In Attempt<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"657\" height=\"463\" src=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2024\/01\/1-11-24-unauthorized-login-phish.jpg\" alt=\"\" class=\"wp-image-1177\" srcset=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2024\/01\/1-11-24-unauthorized-login-phish.jpg 657w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2024\/01\/1-11-24-unauthorized-login-phish-300x211.jpg 300w\" sizes=\"auto, (max-width: 657px) 100vw, 657px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p class=\"has-large-font-size\">Where Did the Link Lead?<\/p>\n\n\n\n<p>The link led to a website which asks for your login information. Never enter your password on online forms or on sites you do not recognize. <\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"383\" src=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2024\/01\/1-11-24-unauthorized-login-phish-link-1024x383.jpg\" alt=\"\" class=\"wp-image-1178\" srcset=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2024\/01\/1-11-24-unauthorized-login-phish-link-1024x383.jpg 1024w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2024\/01\/1-11-24-unauthorized-login-phish-link-300x112.jpg 300w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2024\/01\/1-11-24-unauthorized-login-phish-link-768x287.jpg 768w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2024\/01\/1-11-24-unauthorized-login-phish-link.jpg 1122w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"has-large-font-size\">Tips for Detection<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>If you do not have an account with the organization sending the email, it is likely not legitimate. <\/li><li>Always investigate links before clicking on them. The site www[.]safelysecurity[.]com should be suspicious. <\/li><li>Many organizations have a place where you can log in to view recent security activity. If in doubt, log in to the site in question to check if there was a recent login which you did not perform instead of using any links from emails.<\/li><\/ul>\n\n\n\n<p class=\"has-large-font-size\">Text of Phishing Message<\/p>\n\n\n\n<p><strong>From: <\/strong>finance[@]schreiner-elektronik[.]de <br><strong>Subject: <\/strong>Unauthorized login attempt notification<br><strong>S<\/strong>u<strong>bject: <\/strong>Authorize Log In Attempt <\/p>\n\n\n\n<p>Authorize Log In Attempt<\/p>\n\n\n\n<p>An attempt to login to your EMAIL was made from an unknown browser. Please confirm the following details are correct:<\/p>\n\n\n\n<p>Time: 2024-11-01 03:10:46 AM<br>IP Address: 164.160.94.98 (South Africa)<br>Browser: Safari 7<\/p>\n\n\n\n<p>If this login attempt was not made by you, immediately CLICK HERE to secure your account.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Original Phishing Message From: finance[@]schreiner-elektronik[.]deSubject: Unauthorized login attempt notificationSubject: Authorize Log In Attempt Where Did the Link Lead? The link led to a website which asks for your login information. Never enter your password on online forms or on sites you do not recognize. Tips for Detection If you do not have an account with [&hellip;]<\/p>\n","protected":false},"author":521,"featured_media":1177,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3],"class_list":["post-1176","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1176","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/521"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=1176"}],"version-history":[{"count":1,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1176\/revisions"}],"predecessor-version":[{"id":1179,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1176\/revisions\/1179"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/1177"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=1176"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=1176"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=1176"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}