{"id":1370,"date":"2025-11-10T13:12:22","date_gmt":"2025-11-10T21:12:22","guid":{"rendered":"https:\/\/blogs.pugetsound.edu\/infosec\/?p=1370"},"modified":"2025-11-10T13:18:44","modified_gmt":"2025-11-10T21:18:44","slug":"phishing-from-11-10-2025-your-2025-assessment-report-is-now-ready","status":"publish","type":"post","link":"https:\/\/blogs.pugetsound.edu\/infosec\/the-phish-tank\/1370","title":{"rendered":"Phishing from 11\/10\/2025: “Your 2025 Assessment Report Is Now Ready”"},"content":{"rendered":"\n

Original Phishing Message<\/p>\n\n\n\n

From: <\/strong>slehman[@]uslowcountry[.]org
Subject: <\/strong>Your 2025 Assessment Report Is Now Ready<\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Tips for Detection<\/p>\n\n\n\n

    \n
  • Notice that the email came from an @uslowcountry[.]org address. Legitimate emails from HR or supervisors should come from an @pugetsound.edu address.<\/li>\n\n\n\n
  • Notice the generic greeting of “Dear Team” and the generic signature of “Athletic Department HR” which may indicate the email is going to many individuals at different institutions. <\/li>\n\n\n\n
  • Always investigate links before clicking. In this case, the link went to a Google Form which in and of itself is not dangerous. However, the form asked you for your password. Do not enter passwords into web forms. Avoid entering your credentials on any site you do not recognize as a trusted login page. <\/li>\n<\/ul>\n\n\n\n

    Where did the link lead?<\/p>\n\n\n\n

    The link led to a Google Form that asked for your email and password. Never submit sensitive information like passwords on web forms (e.g. Google Forms, Survey Monkey, Jotform). Many scammers utilize legitimate forms platforms to make the link look safe.<\/p>\n\n\n\n

    \"\"<\/figure>\n\n\n\n

    Text of Phishing Message<\/p>\n\n\n\n

    From: <\/strong>slehman[@]uslowcountry[.]org
    Subject: <\/strong>Your 2025 Assessment Report Is Now Ready<\/p>\n\n\n\n

    Dear Team,<\/p>\n\n\n\n

    Your 2025 Individual Assessment Report is now available. It provides a summary of your recent performance, highlights your strengths, and outlines areas for continued professional growth. You\u2019ll also see how your contributions have supported our department\u2019s goals and athletic programs.<\/p>\n\n\n\n

    A brief feedback form is included with your report. Please complete it after reviewing your report\u2014it helps us finalize records and prepare for upcoming conversations.<\/p>\n\n\n\n

    You can access your report by signing in with your staff email:<\/p>\n\n\n\n

    View Staff Report<\/p>\n\n\n\n

    Thank you for your continued effort and commitment to our athletes and the success of our department.<\/p>\n\n\n\n

    Warm regards,<\/p>\n\n\n\n

    Athletic Department HR<\/p>\n","protected":false},"excerpt":{"rendered":"

    Original Phishing Message From: slehman[@]uslowcountry[.]orgSubject: Your 2025 Assessment Report Is Now Ready Tips for Detection Where did the link lead? The link led to a Google Form that asked for your email and password. Never submit sensitive information like passwords on web forms (e.g. Google Forms, Survey Monkey, Jotform). Many scammers utilize legitimate forms platforms […]<\/p>\n","protected":false},"author":521,"featured_media":1372,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3],"class_list":["post-1370","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1370","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/521"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=1370"}],"version-history":[{"count":2,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1370\/revisions"}],"predecessor-version":[{"id":1376,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/1370\/revisions\/1376"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/1372"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=1370"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=1370"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=1370"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}