{"id":651,"date":"2022-02-16T08:51:01","date_gmt":"2022-02-16T16:51:01","guid":{"rendered":"https:\/\/blogs.pugetsound.edu\/infosec\/?p=651"},"modified":"2022-02-16T09:29:54","modified_gmt":"2022-02-16T17:29:54","slug":"phishing-from-2-15-2022-covid-19-benefits","status":"publish","type":"post","link":"https:\/\/blogs.pugetsound.edu\/infosec\/the-phish-tank\/651","title":{"rendered":"Phishing from 2\/15\/2022: &#8220;Covid-19 Benefits&#8221;"},"content":{"rendered":"\n<p class=\"has-large-font-size\">Original Phishing Message<\/p>\n\n\n\n<p><strong><em>Note: If you received this message, please simply delete it. This message is NOT legitimate. Do not reply or click on the links contained in the email. <\/em><\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"1000\" height=\"445\" src=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/02\/2-15-22-covid-phish.png\" alt=\"\" class=\"wp-image-652\" srcset=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/02\/2-15-22-covid-phish.png 1000w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/02\/2-15-22-covid-phish-300x134.png 300w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/02\/2-15-22-covid-phish-768x342.png 768w\" sizes=\"auto, (max-width: 1000px) 100vw, 1000px\" \/><\/figure>\n\n\n\n<p class=\"has-large-font-size\">Tips for Detection<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Notice the maroon Caution banner prepended to the message. <\/li><li>The message did not come from an *@pugetsound.edu email address. <\/li><li>Updates regarding the university&#8217;s response to COVID-19 will be available on the website: <a href=\"https:\/\/www.pugetsound.edu\/emergency\/university-response-covid-19\">https:\/\/www.pugetsound.edu\/emergency\/university-response-covid-19<\/a>. <\/li><li>Remember &#8211; do not enter your Puget Sound credentials on sites you do not recognize or on online forms. <\/li><\/ul>\n\n\n\n<p class=\"has-large-font-size\">Text of Phishing Message<\/p>\n\n\n\n<p><strong>From: <\/strong>ENelson[@]pierce[.]ctc[.]edu<br><strong>Sub<\/strong>j<strong>ect:<\/strong> Covid-19 Benefits<\/p>\n\n\n\n<p>In response to the current hardship in the community due to the COVID-19 pandemic, the Employee Assistance Program has decided to support students and employees.<\/p>\n\n\n\n<p>The Employee Assistance Program will pay $4,500 to all eligible students &amp; employees, as COVID-19 support, starting from, Tuesday, February 15, 2022.<\/p>\n\n\n\n<p>Visit the Employee Benefits page and login with your school email to submit your application.<\/p>\n\n\n\n<p>Note: The Employee Benefits Program is available to all students and employees.<\/p>\n\n\n\n<p>Sincerely,<\/p>\n\n\n\n<p>COVID-19 Support Team<\/p>\n\n\n\n<p>Employee Assistance Program<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Original Phishing Message Note: If you received this message, please simply delete it. This message is NOT legitimate. Do not reply or click on the links contained in the email. Tips for Detection Notice the maroon Caution banner prepended to the message. The message did not come from an *@pugetsound.edu email address. Updates regarding the [&hellip;]<\/p>\n","protected":false},"author":521,"featured_media":652,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3],"class_list":["post-651","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/651","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/521"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=651"}],"version-history":[{"count":2,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/651\/revisions"}],"predecessor-version":[{"id":655,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/651\/revisions\/655"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/652"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=651"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=651"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=651"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}