The email came from a company that the college does business with.
It is common for companies to send invoices or other information through a file sharing platform.
WeTransfer is a valid document sharing site.
Why this is phishing
The shared document is a PDF that launches another website, which does not go to the company or any known website.
The link asks to select a login service and then launches a login screen that does not resemble any Vassar College login screens.
We’ve seen this one before! The method of sending a PDF with an embedded link that then launches a phishing site is becoming increasingly common. Review previous Catch of the Day posts to see more examples.
Additional notes
This is an extremely dangerous Phishing attempt. If you clicked on this link and may have completed the form, please contact the Service Desk immediately at x7224 or servicedesk@vassar.edu
Always examine the link! Look at the information in your web browser to determine whether or not the site you are directed to is a Vassar site or an unknown (or suspicious) one.
A phone call to the alleged sender would quickly verify if this is a legitimate email. It only takes a few minutes to pick up the phone!
Report it as phishing to Google. Before deleting the message, make sure to click on “report phishing”.
A little paranoia goes a long way! Be suspicious of any email messages similar to this one.