Why this looks valid
- The email may appear to be from an actual Vassar user.
- The email includes an invitation to open a Google Doc, which is a Vassar service.
Why this is phishing
- The subject line is suspicious. A normal sharing notification from Google would have the full document title in the subject line.
- The “to:” address is suspect. “mailinator” is a disposable email service, where users can create fly-by email addresses that cannot be accessed, cannot send mail, and any received email is deleted.
- A normal sharing notification from Google would have the name of the document in the body as well.
- When clicking on the link, a user is asked to allow access to email and contact information in Google mail. This would never happen from a valid Google share.
Additional notes
- This is an extremely dangerous phishing attempt. If you clicked on this link and allowed access to your Google mail, please contact the Service Desk immediately at x7224 or servicedesk@vassar.edu.
- This phishing attempt was widespread and widely reported. There is an overview of the incident here: http://money.cnn.com/2017/05/03/technology/google-docs-phishing-attack/index.html
- A phone call to the alleged sender would quickly verify if this is a legitimate email. It only takes a few minutes to pick up the phone!
- Report it as phishing to Google. Before deleting the message, make sure to click on “report phishing”.
- A little paranoia goes a long way! Be suspicious of any email messages similar to this one.