{"id":850,"date":"2022-09-14T10:17:53","date_gmt":"2022-09-14T17:17:53","guid":{"rendered":"https:\/\/blogs.pugetsound.edu\/infosec\/?p=850"},"modified":"2022-09-14T10:26:17","modified_gmt":"2022-09-14T17:26:17","slug":"phishing-from-9-14-2022-attention","status":"publish","type":"post","link":"https:\/\/blogs.pugetsound.edu\/infosec\/the-phish-tank\/850","title":{"rendered":"Phishing from 9\/14\/2022: &#8220;Attention !!&#8221;"},"content":{"rendered":"\n<p class=\"has-large-font-size\">Original Phishing Message<\/p>\n\n\n\n<p><strong><em>NOTE: If you received this message, simply delete it and do NOT click on the link. This message is NOT legitimate. <\/em><\/strong><\/p>\n\n\n\n<p><strong>From<\/strong>: Aishwarya Chandrasekaran &lt;axc1237[@]student[.]bham[.]ac[.]uk&gt;<br><strong>Subject: <\/strong>Attention !!<\/p>\n\n\n\n<figure class=\"wp-block-image size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"996\" height=\"201\" src=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/09\/9-14-password-phish.png\" alt=\"\" class=\"wp-image-851\" srcset=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/09\/9-14-password-phish.png 996w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/09\/9-14-password-phish-300x61.png 300w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/09\/9-14-password-phish-768x155.png 768w\" sizes=\"auto, (max-width: 996px) 100vw, 996px\" \/><\/figure>\n\n\n\n<h1 class=\"has-large-font-size wp-block-heading\"><strong>Tips for Detection<\/strong><\/h1>\n\n\n\n<ul class=\"wp-block-list\"><li>The language implies a sense of false urgency<\/li><li>The link leads to a malicious website. Always hover over links to see where they lead. <\/li><li>This sender is an individual from outside the university \u2014 note the sending address.<\/li><li>Legitimate notices about password expiration will begin 14 days prior to the impending password expiration. You will never be asked to click on a link to keep your password or stop password expiration.<\/li><li>Remember \u2013 do not share your credentials with anybody or enter it on online forms.<\/li><\/ul>\n\n\n\n<p class=\"has-large-font-size\">Where did the link lead?<\/p>\n\n\n\n<p>The link led to a fake Webmail login page. Notice the URL is bugle-clownfish-syhb[.]squarespace[.]com. Do not enter your university credentials on sites you do not recognize. <\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"540\" src=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/09\/9-14-22-password-phish-link-1024x540.png\" alt=\"\" class=\"wp-image-852\" srcset=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/09\/9-14-22-password-phish-link-1024x540.png 1024w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/09\/9-14-22-password-phish-link-300x158.png 300w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/09\/9-14-22-password-phish-link-768x405.png 768w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/09\/9-14-22-password-phish-link-1440x759.png 1440w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/09\/9-14-22-password-phish-link.png 1500w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"has-large-font-size\">Text of Phishing Message<\/p>\n\n\n\n<p><strong>From<\/strong>: Aishwarya Chandrasekaran &lt;axc1237[@]student[.]bham[.]ac[.]uk&gt;<br><strong>Subject: <\/strong>Attention !! <\/p>\n\n\n\n<p>Attention !!<\/p>\n\n\n\n<p>Your password will expire in 24hrs, to stop this Click Here <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Original Phishing Message NOTE: If you received this message, simply delete it and do NOT click on the link. This message is NOT legitimate. From: Aishwarya Chandrasekaran &lt;axc1237[@]student[.]bham[.]ac[.]uk&gt;Subject: Attention !! Tips for Detection The language implies a sense of false urgency The link leads to a malicious website. Always hover over links to see where [&hellip;]<\/p>\n","protected":false},"author":521,"featured_media":852,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3],"class_list":["post-850","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/850","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/521"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=850"}],"version-history":[{"count":3,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/850\/revisions"}],"predecessor-version":[{"id":856,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/850\/revisions\/856"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/852"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=850"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=850"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=850"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}