{"id":351,"date":"2021-03-29T09:27:38","date_gmt":"2021-03-29T16:27:38","guid":{"rendered":"https:\/\/blogs.pugetsound.edu\/infosec\/?p=351"},"modified":"2021-03-29T09:53:01","modified_gmt":"2021-03-29T16:53:01","slug":"phishing-from-3-29-21-response","status":"publish","type":"post","link":"https:\/\/blogs.pugetsound.edu\/infosec\/the-phish-tank\/351","title":{"rendered":"Phishing from 3\/29\/21: “Response”"},"content":{"rendered":"\n

Original Phishing Message<\/p>\n\n\n\n

Note: If you received this message, please delete it and do not respond. The email is not from President Crawford.<\/em><\/strong><\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Tips for Detection<\/p>\n\n\n\n

  • Notice the “Caution” banner preprended to the message. This indicates the message matches patterns of previous phishing emails and comes from outside the university’s email system. <\/li>
  • Though the display name says “Isiaah Crawford”, the email address is a random @gmail.com address. If you receive emails with the display name of a campus member but an email address that is not @pugetsound.edu, please use caution.<\/li>
  • There are numerous typos\/errors in this email. <\/li>
  • This type of email is a phishing attempt impersonating a campus member in the hopes that gift cards would be purchased. Generally speaking, do not purchase gift cards or bitcoin when requested via email. <\/li><\/ul>\n\n\n\n

    Text of Phishing Message<\/p>\n\n\n\n

    From: fty908072[@]gmail[.]com
    Subject: Response<\/p>\n\n\n\n

    H i [name removed<\/em>]<\/p>\n\n\n\n

    I’m planning to surprise some of the staff with Gifts, for their hard work and dedication to the company, Your confidentiality will be appreciated however. I need you to get a purchase done, Email me once you get this.Thanks<\/p>\n\n\n\n

    Isiaah Crawford
    President
    sent from my mobile device<\/p>\n","protected":false},"excerpt":{"rendered":"

    Original Phishing Message Note: If you received this message, please delete it and do not respond. The email is not from President Crawford. Tips for Detection Notice the “Caution” banner preprended to the message. This indicates the message matches patterns of previous phishing emails and comes from outside the university’s email system. Though the display […]<\/p>\n","protected":false},"author":521,"featured_media":352,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3,4],"class_list":["post-351","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing","tag-phishtank"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/351","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/521"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=351"}],"version-history":[{"count":2,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/351\/revisions"}],"predecessor-version":[{"id":354,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/351\/revisions\/354"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/352"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=351"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=351"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=351"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}