{"id":474,"date":"2021-10-27T08:36:43","date_gmt":"2021-10-27T15:36:43","guid":{"rendered":"https:\/\/blogs.pugetsound.edu\/infosec\/?p=474"},"modified":"2021-10-27T08:36:46","modified_gmt":"2021-10-27T15:36:46","slug":"phishing-from-10-26-2021-you-have-a-new-voice-call","status":"publish","type":"post","link":"https:\/\/blogs.pugetsound.edu\/infosec\/the-phish-tank\/474","title":{"rendered":"Phishing from 10\/26\/2021: “You have a new voice call”"},"content":{"rendered":"\n

Original Phishing Message<\/p>\n\n\n\n

Note: If you received this message, please delete it as it is NOT legitimate. Do not click any links. <\/em><\/strong><\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Tips for Detection<\/p>\n\n\n\n

  • Notice the Caution banner added to the message. This banner is added on messages that may match previous phishing attempts. <\/li>
  • The sender email address is not from an @pugetsound.edu address. <\/li>
  • Notice the time mismatch between when the email was sent (12:23pm) and the alleged time the voicemail was received (2:23pm). Since notification emails such as these are generally automated, the timestamps would usually match. <\/li>
  • The link would have taken you to a fake Outlook login page. Do not enter your Puget Sound credentials on sites you do not recognize or on any forms. <\/li>
  • If you are unsure what legitimate voicemail notification emails look like for your campus phone, please contact the Service Desk for a detailed description. <\/li><\/ul>\n\n\n\n

    Text of Phishing Message<\/p>\n\n\n\n

    From:<\/strong> pugetsound.edu Ring central Notification <info[@]alkanaah-international[.]com>
    Subject:<\/strong> You have a new voice call<\/p>\n\n\n\n

    VN Time : 10\/26\/2021 02:23:14 pm
    Reception Domain : pugetsound.edu
    Caller-ID :(303) 452**** Caller-ID
    Audio Length: 0.38<\/p>\n\n\n\n

    Listen to your voiceaudio [link removed<\/em>]<\/p>\n","protected":false},"excerpt":{"rendered":"

    Original Phishing Message Note: If you received this message, please delete it as it is NOT legitimate. Do not click any links. Tips for Detection Notice the Caution banner added to the message. This banner is added on messages that may match previous phishing attempts. The sender email address is not from an @pugetsound.edu address. […]<\/p>\n","protected":false},"author":521,"featured_media":475,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3],"class_list":["post-474","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/474","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/521"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=474"}],"version-history":[{"count":1,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/474\/revisions"}],"predecessor-version":[{"id":476,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/474\/revisions\/476"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/475"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=474"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=474"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=474"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}