Display name:<\/strong> Christopher Torres
Subject: <\/strong>Christopher Torres shared “Memo_” with you.<\/p>\n\n\n\n
![\"\"](\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/10\/Screenshot-10-1024x470.png\")
<\/figure>\n\n\n\nTips for Detection<\/h2>\n\n\n\n- Though the email was sent from a legitimate Microsoft service (SharePoint), the email was sent from somebody outside the organization<\/li>
- Be wary of document shares that you are not expecting. Online collaboration tools are a frequent method of phishing attacks.<\/li>
- Many document share phishing emails contain enticing subject lines like “Memo”, \u201cDept Evaluation\u201d, \u201cDept Assessment\u201d, or \u201cAnnual Faculty Evaluations\u201d.<\/li>
- Though the links led to legitimate sites such as Microsoft SharePoint , the content displayed should be suspicious. Remember to NEVER enter passwords on online forms.<\/li><\/ul>\n\n\n\n
Text of Phishing Message<\/h2>\n\n\n\n
From: <\/strong>no-reply[@]sharepointonline[.]com
Display name:<\/strong> Christopher Torres
Subject: <\/strong>Christopher Torres shared “Memo_” with you. <\/p>\n\n\n\nChristopher Torres shared a file with you<\/p>\n\n\n\n
You have amessage from the admin<\/p>\n\n\n\n
Memo_<\/p>\n\n\n\n
This link will work for anyone.<\/p>\n","protected":false},"excerpt":{"rendered":"
Original Phishing Message From: no-reply[@]sharepointonline[.]comDisplay name: Christopher TorresSubject: Christopher Torres shared “Memo_” with you. Tips for Detection Though the email was sent from a legitimate Microsoft service (SharePoint), the email was sent from somebody outside the organization Be wary of document shares that you are not expecting. Online collaboration tools are a frequent method of phishing attacks. […]<\/p>\n","protected":false},"author":643,"featured_media":875,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3,4],"class_list":["post-873","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing","tag-phishtank"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/873","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/643"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=873"}],"version-history":[{"count":2,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/873\/revisions"}],"predecessor-version":[{"id":877,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/873\/revisions\/877"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/875"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=873"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=873"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=873"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
Text of Phishing Message<\/h2>\n\n\n\n
From: <\/strong>no-reply[@]sharepointonline[.]com Christopher Torres shared a file with you<\/p>\n\n\n\n You have amessage from the admin<\/p>\n\n\n\n Memo_<\/p>\n\n\n\n This link will work for anyone.<\/p>\n","protected":false},"excerpt":{"rendered":" Original Phishing Message From: no-reply[@]sharepointonline[.]comDisplay name: Christopher TorresSubject: Christopher Torres shared “Memo_” with you. Tips for Detection Though the email was sent from a legitimate Microsoft service (SharePoint), the email was sent from somebody outside the organization Be wary of document shares that you are not expecting. Online collaboration tools are a frequent method of phishing attacks. […]<\/p>\n","protected":false},"author":643,"featured_media":875,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3,4],"class_list":["post-873","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing","tag-phishtank"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/873","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/643"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=873"}],"version-history":[{"count":2,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/873\/revisions"}],"predecessor-version":[{"id":877,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/873\/revisions\/877"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/875"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=873"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=873"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=873"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
Display name:<\/strong> Christopher Torres
Subject: <\/strong>Christopher Torres shared “Memo_” with you. <\/p>\n\n\n\n