![\"\"](\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/06\/6-8-22-account-settings-phish.png\")
<\/figure>\n\n\n\n<\/p>\n\n\n\n
Tips For Detection<\/p>\n\n\n\n
- Notice the maroon caution banner prepended to the message. This banner is added on messages that match patterns of other phishing attempts.<\/li>
- The entire body of the email is a hyperlinked image (instead of text) which should be suspicious. <\/li>
- Notice the stretched Puget Sound logo, the use of “PSU”, and the outdated text of the website. <\/li>
- Hovering over the image reveals that the link does not take you to a pugetsound.edu site.<\/li><\/ul>\n\n\n\n
Where Did the Link Lead?<\/p>\n\n\n\n
The link led to a a site harrison-wells[.]mykajabi[.]com <\/em>designed to collect your credentials. Never enter your username\/password on sites you do not recognize. If you entered any information on this page, please contact the Technology Service Desk as your password may be compromised. <\/p>\n\n\n\n
![\"\"](\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/06\/6-8-22-account-settings-phish-link-1024x584.png\")
<\/figure>\n\n\n\nText of Phishing Message<\/p>\n\n\n\n
From:<\/strong> sovajen[@]gvsu[.]edu
Subject:<\/strong> account settings<\/p>\n\n\n\nYour PSU account settings are out of date. To improve all student\/faculty\/staff account user experience, privacy policy update is required to avoid login interruption. <\/p>\n\n\n\n
Privacy Policy Action Required Now<\/p>\n\n\n\n
Visit [link removed<\/em>]<\/p>\n","protected":false},"excerpt":{"rendered":"
Original Phishing Message NOTE: If you received this message, please delete it and DO NOT click on any links. This message is not legitimate. Tips For Detection Notice the maroon caution banner prepended to the message. This banner is added on messages that match patterns of other phishing attempts. The entire body of the email […]<\/p>\n","protected":false},"author":521,"featured_media":753,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3],"class_list":["post-752","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/752","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/521"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=752"}],"version-history":[{"count":3,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/752\/revisions"}],"predecessor-version":[{"id":759,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/752\/revisions\/759"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/753"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=752"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=752"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=752"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}