{"id":178,"date":"2020-11-26T11:40:26","date_gmt":"2020-11-26T19:40:26","guid":{"rendered":"http:\/\/blogs.pugetsound.edu\/infosec\/?p=178"},"modified":"2020-11-26T11:40:28","modified_gmt":"2020-11-26T19:40:28","slug":"phishing-example-from-11-25-20-email-storage-limit","status":"publish","type":"post","link":"https:\/\/blogs.pugetsound.edu\/infosec\/the-phish-tank\/178","title":{"rendered":"Phishing Example from 11\/25\/20: &#8220;Email storage limit&#8221;"},"content":{"rendered":"\n<p class=\"has-large-font-size\">Original Phishing Message<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"462\" src=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2020\/11\/11-26-20-mailbox-full-phish-1024x462.png\" alt=\"\" class=\"wp-image-180\" srcset=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2020\/11\/11-26-20-mailbox-full-phish-1024x462.png 1024w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2020\/11\/11-26-20-mailbox-full-phish-300x135.png 300w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2020\/11\/11-26-20-mailbox-full-phish-768x346.png 768w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2020\/11\/11-26-20-mailbox-full-phish.png 1027w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"has-large-font-size\">Tips for Detection<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>This email was difficult to detect as it came from a @pugetsound.edu address. However, it should be suspicious that an email about mailbox size is coming from an individual instead of an account related to Technology Services. <\/li><li>The email is signed &#8220;IT Help Desk.&#8221; <\/li><li><strong>Always hover over links in emails.<\/strong> The link in this email goes to office3652[.[cabanova[.]com. This is not a Puget Sound site nor the site to check university email.<\/li><li>If you were not sure about your mailbox size, you can always check that yourself. If it is not near capacity, that is also a sure way to tell the email is fraudulent. To check in Webmail, click the settings gear icon > Options. You will see the amount of space used in the Mailbox Usage section.<\/li><\/ul>\n\n\n\n<p class=\"has-large-font-size\">Where did the link lead? <\/p>\n\n\n\n<p>The link led to a fraudulent Office 365 login page. Some browsers may have warned you that the site is malicious. If you see that warning in your browser, generally avoid proceeding to the page. <strong><em>If you entered your credentials on this page, please immediately change your password via myPugetSound and contact the Service Desk. <\/em><\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"503\" src=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2020\/11\/11-26-20-email-full-site-1024x503.png\" alt=\"\" class=\"wp-image-181\" srcset=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2020\/11\/11-26-20-email-full-site-1024x503.png 1024w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2020\/11\/11-26-20-email-full-site-300x147.png 300w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2020\/11\/11-26-20-email-full-site-768x377.png 768w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2020\/11\/11-26-20-email-full-site.png 1221w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"has-large-font-size\">Text of Phishing Message<\/p>\n\n\n\n<p>Your mailbox storage&nbsp;has reached 98% on the email server.<\/p>\n\n\n\n<p>At 100% limit, certain email features like;<\/p>\n\n\n\n<p>\u00b7&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Sending messages<\/p>\n\n\n\n<p>\u00b7&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Receiving messages<\/p>\n\n\n\n<p>\u00b7&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Forwarding messages<\/p>\n\n\n\n<p>Will not be available for your utilization.<\/p>\n\n\n\n<p>Visit Outlook Storage Access Page [<em>link removed<\/em>] and log in to adjust and maintain your Mailbox storage.<\/p>\n\n\n\n<p>IT Help Desk<\/p>\n\n\n\n<p>COPYRIGHT \u00a9 2020 UNIVERSITY OF PUGET SOUND<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Original Phishing Message Tips for Detection This email was difficult to detect as it came from a @pugetsound.edu address. However, it should be suspicious that an email about mailbox size is coming from an individual instead of an account related to Technology Services. The email is signed &#8220;IT Help Desk.&#8221; Always hover over links in [&hellip;]<\/p>\n","protected":false},"author":521,"featured_media":180,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3,4],"class_list":["post-178","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing","tag-phishtank"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/178","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/521"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=178"}],"version-history":[{"count":2,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/178\/revisions"}],"predecessor-version":[{"id":183,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/178\/revisions\/183"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/180"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=178"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=178"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=178"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}