{"id":41,"date":"2020-09-16T18:42:51","date_gmt":"2020-09-16T18:42:51","guid":{"rendered":"http:\/\/blogs.pugetsound.edu\/infosec\/?p=41"},"modified":"2020-09-23T12:48:32","modified_gmt":"2020-09-23T19:48:32","slug":"phishing-example-from-2-26-20-hr-department-shared-employee-benefits-survey-with-you","status":"publish","type":"post","link":"https:\/\/blogs.pugetsound.edu\/infosec\/the-phish-tank\/41","title":{"rendered":"Phishing Example from 2\/26\/20: &#8220;HR Department shared Employee Benefits Survey with you!&#8221;"},"content":{"rendered":"<h3>Tips for Detection:<\/h3>\n<ul>\n<li>Hightail is not a campus system<\/li>\n<li>The &#8220;Reply-To&#8221; address is different than the sending address which is common for spoofed emails<\/li>\n<li>The linked URL is hosted on a platform we do not utilize<\/li>\n<li>Phishing emails may come from legitimate file-sharing sites but contain malicious links in a shared document or download malware<\/li>\n<\/ul>\n<h3>Original Phishing Message:<\/h3>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-15\" src=\"http:\/\/blogs.pugetsound.edu\/infosec\/files\/2020\/09\/2-26-20-hr-survey-phish.jpg\" alt=\"\" width=\"1214\" height=\"593\" srcset=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2020\/09\/2-26-20-hr-survey-phish.jpg 1214w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2020\/09\/2-26-20-hr-survey-phish-300x147.jpg 300w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2020\/09\/2-26-20-hr-survey-phish-768x375.jpg 768w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2020\/09\/2-26-20-hr-survey-phish-1024x500.jpg 1024w\" sizes=\"auto, (max-width: 1214px) 100vw, 1214px\" \/><\/p>\n<h3>Text of Phishing Message:<\/h3>\n<p>HR Department has shared 1 file.<\/p>\n<p>&#8220;Hello,<\/p>\n<p>Please take a few moments of your time to complete this mandatory survey. Your feedback will help us to improve in areas which the survey highlights as potential sources of dissatisfaction and concern.<\/p>\n<p>NOTE: CLICK AND DOWNLOAD TO TAKE A SURVEY<\/p>\n<p>Thanks,<br \/>\nHR Department.&#8221;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Tips for Detection: Hightail is not a campus system The &#8220;Reply-To&#8221; address is different than the sending address which is common for spoofed emails The linked URL is hosted on a platform we do not utilize Phishing emails may come from legitimate file-sharing sites but contain malicious links in a shared document or download malware [&hellip;]<\/p>\n","protected":false},"author":521,"featured_media":15,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3,4],"class_list":["post-41","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing","tag-phishtank"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/41","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/521"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=41"}],"version-history":[{"count":1,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/41\/revisions"}],"predecessor-version":[{"id":42,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/41\/revisions\/42"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/15"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=41"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=41"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=41"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}