Why this looks valid

• The email appears to be from the CIS Service desk.
• The message contains a screenshot from Vassar’s single-sign-on service, VassarOne.

Why this is phishing

• The link that launches from the attached PDF does not go to a Vassar site or any other service related to Vassar.
• The outside link requires a generic “email id” login screen which does not resemble any Vassar College login screens.
• We’ve seen this one before! A very similar one was circulated during the spring semester: http://pages.vassar.edu/catchoftheday/2017/04/25/from-cis-action-required-important-legislative-update-to-all-vassar-members/

Additional notes

• This is an extremely dangerous Phishing attempt. If you clicked on this link and may have completed the form, please contact the Service Desk immediately at x7224 or servicedesk@vassar.edu
• Always examine the link! Look at the information in your web browser to determine whether or not the site you are directed to is a Vassar site or an unknown (or suspicious) one.
• A phone call to the alleged sender would quickly verify if this is a legitimate email. It only takes a few minutes to pick up the phone!
• Report it as phishing to Google. Before deleting the message, make sure to click on “report phishing”.
• A little paranoia goes a long way! Be suspicious of any email messages similar to this one.
• Did you know:  the best way to protect your accounts is by using multi-factor authentication.  See our recent post here:  http://pages.vassar.edu/catchoftheday/2017/06/29/best-practice-enabling-multi-factor-authentication-with-duo/