{"id":1731,"date":"2023-09-25T10:58:28","date_gmt":"2023-09-25T17:58:28","guid":{"rendered":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/?p=1731"},"modified":"2023-09-25T15:34:35","modified_gmt":"2023-09-25T22:34:35","slug":"pdf-attachment-in-a-legit-looking-email","status":"publish","type":"post","link":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/2023\/09\/25\/pdf-attachment-in-a-legit-looking-email\/","title":{"rendered":"pdf attachment in a legit looking email."},"content":{"rendered":"

Malicious actors deployed a bunch of phish against UVic recipients today. The trick they apply is to use some authentic text sent by a UVic person. In some cases that’s a mass-mail sent a year ago to hundreds of recipients, in some cases it is just the out-of office message of somebody. In all cases they add a line of theirs on top of the legit text — “please check the attachment”. The sender address is different. The display name may copy a name from the original email thread<\/span>. The attachment itself contains a link to the actual malicious content. A screenshots of a few examples are shown below. The pdf attachments are usually having a very short name – one or two characters. (however that doesn’t mean that every attachment with a long and meaningful name is legit). Be vigilant, apply common sense and don’t open attachments from suspicious emails (unknown sender, unsolicited, etc.).<\/p>\n

\"\"<\/p>\n

 <\/p>\n

\n

\"\"<\/p>\n

\n

\"\"<\/p>\n

\n

 <\/p>\n

The PDF itself looks like this:
\n\"\"<\/p>\n","protected":false},"excerpt":{"rendered":"

Malicious actors deployed a bunch of phish against UVic recipients today. The trick they apply is to use some authentic text sent by a UVic person. In some cases that’s a mass-mail sent a year ago to hundreds of recipients, in some cases it is just the out-of office message of somebody. In all cases … Continue reading pdf attachment in a legit looking email.<\/span><\/a><\/p>\n","protected":false},"author":738,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"image","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1731","post","type-post","status-publish","format-image","hentry","category-uncategorized","post_format-post-format-image"],"_links":{"self":[{"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/posts\/1731","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/users\/738"}],"replies":[{"embeddable":true,"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/comments?post=1731"}],"version-history":[{"count":4,"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/posts\/1731\/revisions"}],"predecessor-version":[{"id":1742,"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/posts\/1731\/revisions\/1742"}],"wp:attachment":[{"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/media?parent=1731"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/categories?post=1731"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/tags?post=1731"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}