{"id":428,"date":"2021-07-21T10:33:51","date_gmt":"2021-07-21T17:33:51","guid":{"rendered":"https:\/\/blogs.pugetsound.edu\/infosec\/?p=428"},"modified":"2021-07-21T10:33:53","modified_gmt":"2021-07-21T17:33:53","slug":"phishing-from-7-21-21-pugetsound-fax-72912659-july-21-2021","status":"publish","type":"post","link":"https:\/\/blogs.pugetsound.edu\/infosec\/the-phish-tank\/428","title":{"rendered":"Phishing from 7\/21\/21: &#8220;Pugetsound-FAX-72912659 | July 21, 2021&#8221;"},"content":{"rendered":"\n<p class=\"has-large-font-size\">Original Phishing Message<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"958\" height=\"561\" src=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2021\/07\/7-21-21-fax-phish.png\" alt=\"\" class=\"wp-image-429\" srcset=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2021\/07\/7-21-21-fax-phish.png 958w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2021\/07\/7-21-21-fax-phish-300x176.png 300w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2021\/07\/7-21-21-fax-phish-768x450.png 768w\" sizes=\"auto, (max-width: 958px) 100vw, 958px\" \/><\/figure>\n\n\n\n<p class=\"has-large-font-size\">Tips for Detection<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>The university does not add a &#8220;safe senders&#8221; banner to email messages. <\/li><li>The university does not utilize a fax to email service at this time. Therefore, if you receive an email saying you received a fax to your office phone number, the message is likely not legitimate. <\/li><li>The email contained a .htm attachment. Always use caution with .html or .htm attachments as they are heavily used in phishing attacks. Never enter your credentials on a webpage you do not recognize or trust. <\/li><li>Notice the sender&#8217;s display name and email address being mismatched. <\/li><\/ul>\n\n\n\n<p class=\"has-large-font-size\">Text of Phishing Message<\/p>\n\n\n\n<p>From: dmiller[@]keelermiller[.]com<br>Subject: Pugetsound-FAX-72912659 | July 21, 2021<\/p>\n\n\n\n<p>This sender has been verified from pugetsound.edu safe senders list.<\/p>\n\n\n\n<p>New Faxed Documents Received For [<em>name removed<\/em>].<\/p>\n\n\n\n<p>You have been faxed 3 documents) from (976 976) &#8211; 57**.<\/p>\n\n\n\n<p>\u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 Pages \u2003 \u2003 \u2003 Check #02933 front and back Copy PDF.<\/p>\n\n\n\n<p>\u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 \u2003 Received \u2003 \u2003 July 21, 2021<\/p>\n\n\n\n<p>To view Fax, please refer to attachment and authenticate user to enable instant access to all your fax messages on<br>the go.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Original Phishing Message Tips for Detection The university does not add a &#8220;safe senders&#8221; banner to email messages. The university does not utilize a fax to email service at this time. Therefore, if you receive an email saying you received a fax to your office phone number, the message is likely not legitimate. The email [&hellip;]<\/p>\n","protected":false},"author":521,"featured_media":429,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3],"class_list":["post-428","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/428","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/521"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=428"}],"version-history":[{"count":1,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/428\/revisions"}],"predecessor-version":[{"id":430,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/428\/revisions\/430"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/429"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=428"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=428"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=428"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}