{"id":1310,"date":"2024-11-13T11:42:00","date_gmt":"2024-11-13T19:42:00","guid":{"rendered":"https:\/\/blogs.pugetsound.edu\/infosec\/?p=1310"},"modified":"2024-11-13T11:42:01","modified_gmt":"2024-11-13T19:42:01","slug":"phishing-from-11-13-2024-shared-inv-and-suspension-report","status":"publish","type":"post","link":"https:\/\/blogs.pugetsound.edu\/infosec\/the-phish-tank\/1310","title":{"rendered":"Phishing from 11\/13\/2024: &#8220;Shared INV&#8221; and &#8220;Suspension-Report&#8221;"},"content":{"rendered":"\n<p>Campus members have reported recent phishing attempts impersonating Adobe. The emails come from various senders and with different subject lines. If you receive an email matching the information below, it is NOT legitimate. <\/p>\n\n\n\n<p class=\"has-medium-font-size\">Sender Email Address<\/p>\n\n\n\n<p>The emails have been attempting to spoof various @pugetsound[.]edu email addresses.<\/p>\n\n\n\n<p class=\"has-medium-font-size\">Sender Display Name<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Adobe\u00a9Pugetsound<\/li><\/ul>\n\n\n\n<p class=\"has-medium-font-size\">Subject Lines<\/p>\n\n\n\n<p>Text within brackets [ ] are altered in each subject line.<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Suspension-Report for [<em>username<\/em>]@pugetsound.edu [<em>date<\/em>\/<em>time<\/em>]<\/li><li>Shared INVO[<em>random numbers<\/em>] for Pugetsound [<em>date\/time<\/em>]..[<em>random characters<\/em>]<\/li><\/ul>\n\n\n\n<p class=\"has-medium-font-size\">Example Phishing Email<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"572\" src=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2024\/11\/11-13-24-adobe-sign-phish-1024x572.png\" alt=\"\" class=\"wp-image-1311\" srcset=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2024\/11\/11-13-24-adobe-sign-phish-1024x572.png 1024w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2024\/11\/11-13-24-adobe-sign-phish-300x168.png 300w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2024\/11\/11-13-24-adobe-sign-phish-768x429.png 768w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2024\/11\/11-13-24-adobe-sign-phish.png 1230w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"has-medium-font-size\">Tips for Detection<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>The display name &#8220;Adobe\u00a9Pugetsound&#8221; is unusual and suspicious.<\/li><li>Legitimate emails from Adobe Acrobat Sign will come from adobesign[@]adobesign[.]com. <\/li><li>Notice that the email contains an attachment instead of a link to Adobe&#8217;s website such as adobesign[.]com or documents[.]adobe.com. Beware of attachments you are not expecting, especially if it is an encrypted ZIP file since it may contain malware. <\/li><\/ul>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Campus members have reported recent phishing attempts impersonating Adobe. The emails come from various senders and with different subject lines. If you receive an email matching the information below, it is NOT legitimate. Sender Email Address The emails have been attempting to spoof various @pugetsound[.]edu email addresses. Sender Display Name Adobe\u00a9Pugetsound Subject Lines Text within [&hellip;]<\/p>\n","protected":false},"author":521,"featured_media":1311,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3],"class_list":["post-1310","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1310","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/521"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=1310"}],"version-history":[{"count":1,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1310\/revisions"}],"predecessor-version":[{"id":1312,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1310\/revisions\/1312"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/1311"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=1310"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=1310"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=1310"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}