{"id":761,"date":"2022-06-16T09:26:17","date_gmt":"2022-06-16T16:26:17","guid":{"rendered":"https:\/\/blogs.pugetsound.edu\/infosec\/?p=761"},"modified":"2022-06-16T09:26:18","modified_gmt":"2022-06-16T16:26:18","slug":"phishing-from-6-15-2022-who-part-time-job","status":"publish","type":"post","link":"https:\/\/blogs.pugetsound.edu\/infosec\/the-phish-tank\/761","title":{"rendered":"Phishing from 6\/15\/2022: &#8220;(WHO) Part-Time Job&#8221;"},"content":{"rendered":"\n<p class=\"has-large-font-size\">Original Phishing Message<\/p>\n\n\n\n<p><strong><em>Note: If you received this message, please delete it. It is NOT legitimate and is a job scam. Do NOT send any information to dianne.arnold[@]whoemployments[.]com. <\/em><\/strong><\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"988\" height=\"469\" src=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/06\/6-15-22-who-scam.png\" alt=\"\" class=\"wp-image-762\" srcset=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/06\/6-15-22-who-scam.png 988w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/06\/6-15-22-who-scam-300x142.png 300w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/06\/6-15-22-who-scam-768x365.png 768w\" sizes=\"auto, (max-width: 988px) 100vw, 988px\" \/><\/figure>\n\n\n\n<p class=\"has-large-font-size\">Tips for Detection<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Beware of job scams and anything that seems too good to be true. Being offered $500\/week for 3-6 hours of work should be suspicious.<\/li><li>The email signature purported to be from the HR Manager at the university. However, the name of the individual does not work in Human Resources. <\/li><li>Being asked to provide a personal email address with no reasonable explanation should be suspicious. This is common in phishing emails so that attackers can continue communicating with you with less protections in place.<\/li><li>The attachment provides the contact information of the purported WHO employer as dianne.arnold[@]whoemployments[.]com. A legitimate individual working for the WHO will likely have an email address matching WHO\u2019s website who.int.<\/li><li>Please see Career and Employment Services\u2019 site for helpful tips on how to identify job scams:\u00a0<a rel=\"noreferrer noopener\" href=\"https:\/\/www.pugetsound.edu\/career-and-employment-services\/ces-students\/job-search-resources\/job-seeker-beware\" target=\"_blank\">https:\/\/www.pugetsound.edu\/career-and-employment-services\/ces-students\/job-search-resources\/job-seeker-beware<\/a><\/li><li>Please see the FTC&#8217;s page on fraudulent job offers: <a href=\"https:\/\/consumer.ftc.gov\/articles\/job-scams\">https:\/\/consumer.ftc.gov\/articles\/job-scams<\/a>. <\/li><li>If you are ever unsure about a message&#8217;s legitimacy, contact the Technology Service Desk. <\/li><\/ul>\n\n\n\n<p class=\"has-large-font-size\">Text of Phishing Message<\/p>\n\n\n\n<p><strong>Subject: (WHO) Part-Time Job<\/strong><\/p>\n\n\n\n<p>I am sharing a Part-Time job opportunity with a weekly pay of $500.00 from World Health Organization (WHO).<\/p>\n\n\n\n<p>Read the attached document for further information about the employment. If interested, follow the steps in the document and contact Ms. Dianne Arnold with your personal email address ( Gmail, Yahoo or Hotmail, etc.), for more details on the employment.<\/p>\n\n\n\n<p>Take note; this is strictly a work-from-home position.<\/p>\n\n\n\n<p>Sincerely,<\/p>\n\n\n\n<p>[<em>name redacted<\/em>]<br>HR Manager<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Original Phishing Message Note: If you received this message, please delete it. It is NOT legitimate and is a job scam. Do NOT send any information to dianne.arnold[@]whoemployments[.]com. Tips for Detection Beware of job scams and anything that seems too good to be true. Being offered $500\/week for 3-6 hours of work should be suspicious. [&hellip;]<\/p>\n","protected":false},"author":521,"featured_media":762,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3],"class_list":["post-761","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/761","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/521"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=761"}],"version-history":[{"count":1,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/761\/revisions"}],"predecessor-version":[{"id":763,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/761\/revisions\/763"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/762"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=761"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=761"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=761"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}