{"id":889,"date":"2022-10-13T10:05:41","date_gmt":"2022-10-13T17:05:41","guid":{"rendered":"https:\/\/blogs.pugetsound.edu\/infosec\/?p=889"},"modified":"2022-10-13T10:05:43","modified_gmt":"2022-10-13T17:05:43","slug":"phishing-from-10-12-2022-it-support-desk-alert","status":"publish","type":"post","link":"https:\/\/blogs.pugetsound.edu\/infosec\/the-phish-tank\/889","title":{"rendered":"Phishing from 10\/12\/2022: &#8220;IT SUPPORT DESK (ALERT)&#8221;"},"content":{"rendered":"\n<p class=\"has-large-font-size\">Original Phishing Message<\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"455\" src=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/10\/10-12-22-it-nhs-phish-1024x455.png\" alt=\"\" class=\"wp-image-890\" srcset=\"https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/10\/10-12-22-it-nhs-phish-1024x455.png 1024w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/10\/10-12-22-it-nhs-phish-300x133.png 300w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/10\/10-12-22-it-nhs-phish-768x341.png 768w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/10\/10-12-22-it-nhs-phish-1536x682.png 1536w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/10\/10-12-22-it-nhs-phish-1440x640.png 1440w, https:\/\/blogs.pugetsound.edu\/infosec\/files\/2022\/10\/10-12-22-it-nhs-phish.png 1803w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p class=\"has-large-font-size\">Tips for Detection<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Note the sense of urgency (e.g. 6 hours, final deadline). <\/li><li>The generic message (e.g. All EDU users) should be suspicious. <\/li><li>Hovering over the link does not take you to a University of Puget Sound website. Always use caution before clicking on links in emails. <\/li><li>Legitimate messages from Technology Services regarding password expiration will be sent 14 days prior.<\/li><\/ul>\n\n\n\n<p class=\"has-large-font-size\">Text of Phishing Message<\/p>\n\n\n\n<p><strong>From:<\/strong> anthony.salvana[@]nhs[.]net<br><strong>Subject<\/strong>: IT SUPPORT DESK (ALERT)<\/p>\n\n\n\n<p>IT SUPPORT Announcement<\/p>\n\n\n\n<p>All EDU users are advised to VERIFY their login information due to the phishing emails circulating. You have less than 6 hours remaining before time runs out! (FINAL DEADLINE)<\/p>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<p>Username: Use your .Edu credentials (@.edu)<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>                                                     VERIFY HERE<\/code><\/pre>\n\n\n\n<p>If you have problems logging in, use the support email below for assistance from the system administrator.<\/p>\n\n\n\n<hr class=\"wp-block-separator\"\/>\n\n\n\n<p>Support email: SUPPORT[@]ADMIN[.]EDU<\/p>\n\n\n\n<p>Access via mobile device or computer<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Original Phishing Message Tips for Detection Note the sense of urgency (e.g. 6 hours, final deadline). The generic message (e.g. All EDU users) should be suspicious. Hovering over the link does not take you to a University of Puget Sound website. Always use caution before clicking on links in emails. Legitimate messages from Technology Services [&hellip;]<\/p>\n","protected":false},"author":521,"featured_media":890,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[3],"class_list":["post-889","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-phish-tank","tag-phishing"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/889","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/521"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=889"}],"version-history":[{"count":1,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/889\/revisions"}],"predecessor-version":[{"id":891,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/889\/revisions\/891"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/890"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=889"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=889"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=889"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}