Why this is phishing

• The originating email address is the same as the person the mail was sent to.  It’s unlikely you sent yourself this message!
• The originating email address says it is from “Microsoft Outlook”.  Vassar’s official email platform is Google.
• Official communications from CIS have a specific subject line format that is not present in this email.
• The “privacy” and “legal” links at the bottom of the email are non-functional.

Additional notes

• Protect your accounts with multi-factor authentication!  If you do click on a phishing link and your Vassar credentials get compromised, attackers won’t be able to login:  http://pages.vassar.edu/catchoftheday/2017/06/29/best-practice-enabling-multi-factor-authentication-with-duo/
• This is an extremely dangerous Phishing attempt. If you clicked on this link and completed the form, please contact the Service Desk immediately at x7224 or servicedesk@vassar.edu
• Always examine the link! Look at the information in your web browser to determine whether or not the site you are directed to is a Vassar site or an unknown (or suspicious) one.
• Report it as phishing to Google. Before deleting the message, make sure to click on “report phishing”.
• A little paranoia goes a long way! Be suspicious of any email messages similar to this one.