{"id":253,"date":"2021-01-27T10:22:55","date_gmt":"2021-01-27T18:22:55","guid":{"rendered":"http:\/\/blogs.pugetsound.edu\/infosec\/?p=253"},"modified":"2021-01-27T10:22:57","modified_gmt":"2021-01-27T18:22:57","slug":"phishing-from-1-27-2021-expiring-on-wednesday-january-27-2021","status":"publish","type":"post","link":"https:\/\/blogs.pugetsound.edu\/infosec\/the-phish-tank\/253","title":{"rendered":"Phishing from 1\/27\/2021: “Expiring on Wednesday, January 27, 2021”"},"content":{"rendered":"\n

Original Phishing Message<\/p>\n\n\n\n

Note: If you received this message, you can simply delete it. It is not<\/strong> from Technology Services. Do not click any links or open attachments. If you are unsure whether you need to change your password, you may contact the Service Desk.<\/em><\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Tips for Detection<\/p>\n\n\n\n

  • Always double check the sender’s email address. The display name in this example is in the format of an email address which makes it trickier. However, the actual sender’s email address comes from the domain @cox.net, not @pugetsound.edu.<\/li>
  • If an email contains some kind of threat to discontinue services and has a sense of urgency, use extra caution. Those are common methods used in phishing emails designed to provoke a response from you.<\/li>
  • At Puget Sound, any notification about password expiration will begin 14 days prior. There also would not be a link to keep the same password. <\/li><\/ul>\n\n\n\n

    Text of Phishing Message<\/p>\n\n\n\n

    From: jodivalentpasswordnowvarilityvalidating[@]cox[.]net
    Subject: Expiring on Wednesday, January 27, 2021<\/p>\n\n\n\n

    Your password for [username<\/em>]@pugetsound.edu is due to expire today Wednesday, January 27, 2021<\/p>\n\n\n\n

    Click below to keep password active<\/p>\n\n\n\n

    Failure to comply will halt future activities<\/p>\n","protected":false},"excerpt":{"rendered":"

    Original Phishing Message Note: If you received this message, you can simply delete it. It is not from Technology Services. Do not click any links or open attachments. If you are unsure whether you need to change your password, you may contact the Service Desk. Tips for Detection Always double check the sender’s email address. […]<\/p>\n","protected":false},"author":521,"featured_media":254,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3,4],"class_list":["post-253","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing","tag-phishtank"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/253","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/521"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=253"}],"version-history":[{"count":1,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/253\/revisions"}],"predecessor-version":[{"id":255,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/253\/revisions\/255"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/254"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=253"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=253"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=253"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}