{"id":625,"date":"2022-02-09T13:30:58","date_gmt":"2022-02-09T21:30:58","guid":{"rendered":"https:\/\/blogs.pugetsound.edu\/infosec\/?p=625"},"modified":"2022-02-09T13:31:32","modified_gmt":"2022-02-09T21:31:32","slug":"phishing-from-2-9-2022-service-help-desk","status":"publish","type":"post","link":"https:\/\/blogs.pugetsound.edu\/infosec\/the-phish-tank\/625","title":{"rendered":"Phishing from 2\/9\/2022: “Service Help Desk”"},"content":{"rendered":"\n

Original Phishing Message<\/h2>\n\n\n\n

If you received this message, please delete it as it is NOT legitimate. Do NOT click the link or submit any information.<\/em><\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Tips for Detection<\/h2>\n\n\n\n
  • Legitimate emails regarding your Puget Sound password will come from ts-no-reply@pugetsound.edu<\/strong>. You will receive more than two days notice on an impending password expiration, and you’ll never <\/strong>be contacted by an individual from Technology Services about your password.<\/li>
  • This sender is an individual from outside the university — note the sending address. <\/li>
  • This email contains grammatical errors and typos with no forms of contact. Official TS emails will include our email and extension.<\/li>
  • The link added to the message does not lead to a Puget Sound site, but rather an online form. <\/li><\/ul>\n\n\n\n

    Where Did the Link Lead?<\/h2>\n\n\n\n

    The link goes to a form on share[.]hsforms[.]com, and prompts you for your username, email, password, and a password confirmation. Never submit passwords on any form.

    Users should note the suspicious formatting of the word “password,” likely as an attempt to evade automatic spam protection.
    <\/p>\n\n\n\n

    \"\"<\/figure>\n","protected":false},"excerpt":{"rendered":"

    Original Phishing Message If you received this message, please delete it as it is NOT legitimate. Do NOT click the link or submit any information. Tips for Detection Legitimate emails regarding your Puget Sound password will come from ts-no-reply@pugetsound.edu. You will receive more than two days notice on an impending password expiration, and you’ll never […]<\/p>\n","protected":false},"author":635,"featured_media":626,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"class_list":["post-625","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/625","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/635"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=625"}],"version-history":[{"count":1,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/625\/revisions"}],"predecessor-version":[{"id":628,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/625\/revisions\/628"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/626"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=625"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=625"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=625"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}