November 2023
A real phishing attempt targeting NISD received on November 13, 2023.
When you get an unsolicited file or document to review, it is best to check the sender or ensure that you are expecting an email. In this instance, the account used to send the email appears to be a valid email address; however, calling or following up with the company using separate communication to confirm the validity of the communication would help secure your account. This phish uses a fake "captcha" page to build a false sense of security. Once on the landing page, you can see that the domain "0ffice.o*********c.click" is not what we would be expecting when logging into NISD's portal, the "o" in office is also a zero which should be a red flag. The page appears legitimate because it has the username filled in, however that is just a function of the page and can be replicated by changing the text in the address bar highlighted above. Be careful what you click on, even if it has some signs of being secure and legitimate!