{"id":886,"date":"2022-10-11T16:27:23","date_gmt":"2022-10-11T23:27:23","guid":{"rendered":"https:\/\/blogs.pugetsound.edu\/infosec\/?p=886"},"modified":"2022-10-11T16:27:24","modified_gmt":"2022-10-11T23:27:24","slug":"phishing-from-10-11-2022-funds-transaction","status":"publish","type":"post","link":"https:\/\/blogs.pugetsound.edu\/infosec\/the-phish-tank\/886","title":{"rendered":"Phishing from 10\/11\/2022: &#8220;FUNDS TRANSACTION,&#8221;"},"content":{"rendered":"\n<p class=\"has-large-font-size\">Original Phishing Message<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"455\" src=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/10\/10-11-22-funds-transaction-phish-1024x455.png\" alt=\"\" class=\"wp-image-887\" srcset=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/10\/10-11-22-funds-transaction-phish-1024x455.png 1024w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/10\/10-11-22-funds-transaction-phish-300x133.png 300w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/10\/10-11-22-funds-transaction-phish-768x341.png 768w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/10\/10-11-22-funds-transaction-phish-1536x682.png 1536w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/10\/10-11-22-funds-transaction-phish-1440x640.png 1440w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/10\/10-11-22-funds-transaction-phish.png 1803w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"has-large-font-size\">Tips for Detection<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Technology Services adds a banner at the top of email messages that match patterns of previous phishing attacks. If you see this banner, please use extra caution.<\/li><li>Receiving a 30% commission to transfer $45.5 million completely out of the blue is certainly too good to be true!<\/li><li>The statement that &#8220;this funds transaction is 100% genuine,Real, legal and free risk&#8221; should be very suspicious.<\/li><li>The reply-to address is princeokon[@]citromail[.]hu which does not match the sending email address of test[@]jzbgno[.]hospedagemweb[.]net.<\/li><\/ul>\n\n\n\n<p class=\"has-large-font-size\">Text of Phishing Message<\/p>\n\n\n\n<p><strong>From<\/strong>: test[@]jzbgno[.]hospedagemweb[.]net<br><strong>Subject<\/strong>: FUNDS TRANSACTION,<\/p>\n\n\n\n<p>Hello Friend,<\/p>\n\n\n\n<p>How are you and your family today? My name is Prince Jonathan. Egobia,<br>My family need your assistance to transfer and invest the sum of<br>USD$45.5 Million dollars( Forty five Million Five Hundred United<br>States Dollars ).<br>my late father deposited in a bank here before his sudden death of<br>covid-19 2021.<\/p>\n\n\n\n<p>We want this funds to transfer and invest in your country through your<br>assistance and directive.30% of this funds is your commission for<br>assisting us.<\/p>\n\n\n\n<p>This funds transaction is 100% genuine,Real, legal and free risk.<\/p>\n\n\n\n<p>Please get back to me through this email: princeokon[@]citromail[.]hu , for<br>more details<\/p>\n\n\n\n<p>Thanks,<br>Jonathan Egobia,<br>For the Family.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Original Phishing Message Tips for Detection Technology Services adds a banner at the top of email messages that match patterns of previous phishing attacks. If you see this banner, please use extra caution. Receiving a 30% commission to transfer $45.5 million completely out of the blue is certainly too good to be true! The statement [&hellip;]<\/p>\n","protected":false},"author":521,"featured_media":887,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3],"class_list":["post-886","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/886","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/521"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=886"}],"version-history":[{"count":1,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/886\/revisions"}],"predecessor-version":[{"id":888,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/886\/revisions\/888"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/887"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=886"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=886"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=886"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}