The “from” field contains a known Vassar user, with the correct vassar.edu email address
The signature file looks to be from the known user
Why this is phishing
The URL, or link, contained in the message is not Google
The subject of the message, DropBox, is not related to the content, which is Google
Additional notes
If you know the person who appeared to have sent the message, call them and ask if they sent it. It only takes a few minutes to verify if it is legitimate.
Report it as phishing to Google. Before deleting the message, make sure to click on “report phishing”.
A little paranoia goes a long way! Be suspicious of any email messages similar to this one.
