{"id":634,"date":"2022-02-10T11:44:41","date_gmt":"2022-02-10T19:44:41","guid":{"rendered":"https:\/\/blogs.pugetsound.edu\/infosec\/?p=634"},"modified":"2022-02-10T11:50:07","modified_gmt":"2022-02-10T19:50:07","slug":"phishing-from-2-10-2022-susan-caico-shared-activities-intramurals-sp22-with-you","status":"publish","type":"post","link":"https:\/\/blogs.pugetsound.edu\/infosec\/the-phish-tank\/634","title":{"rendered":"Phishing from 2\/10\/2022: “Susan Caico shared ‘Activities & Intramurals SP22’ with you.”"},"content":{"rendered":"\n

Original Phishing Message<\/p>\n\n\n\n

Note: If you received this message, please simply delete it as it is NOT legitimate. Never enter your password on forms.<\/em><\/strong><\/p>\n\n\n\n

\"\"<\/figure>\n\n\n\n

Tips for Detection<\/p>\n\n\n\n

  • Notice the maroon “Caution” banner prepended to the message. The banner is applied on messages that match patterns of other phishing emails. Use extra caution to check the sender and investigate any links\/attachments.<\/li>
  • Notice the typo in spelling the president’s name.<\/li>
  • Many phishing attempts utilize legitimate cloud collaboration services such as Google Drive, SharePoint, OneDrive, Dropbox, etc. If you\u2019re not expecting a shared document and\/or do not know the sender, it is most likely NOT legitimate.<\/li><\/ul>\n\n\n\n

    Where Did the Link Lead?<\/p>\n\n\n\n

    The link led to a SharePoint document that asked you to click another link to view the file. The second link led to a Google Form asking for your credentials. Never<\/em><\/strong> <\/em>enter your username\/password information on a form. <\/p>\n\n\n\n

    \"\"<\/figure>\n\n\n\n
    \"\"<\/figure>\n","protected":false},"excerpt":{"rendered":"

    Original Phishing Message Note: If you received this message, please simply delete it as it is NOT legitimate. Never enter your password on forms. Tips for Detection Notice the maroon “Caution” banner prepended to the message. The banner is applied on messages that match patterns of other phishing emails. Use extra caution to check the […]<\/p>\n","protected":false},"author":521,"featured_media":635,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3],"class_list":["post-634","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/634","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/521"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=634"}],"version-history":[{"count":3,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/634\/revisions"}],"predecessor-version":[{"id":641,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/634\/revisions\/641"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/635"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=634"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=634"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=634"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}