Why this looks valid

• The email may appear to be from an actual Vassar user.
• The email includes an invitation to open a Google Doc, which is a Vassar service.

Why this is phishing

• The subject line is suspicious.  A normal sharing notification from Google would have the full document title in the subject line.
• The “to:” address is suspect.  “mailinator” is a disposable email service, where users can create fly-by email addresses that cannot be accessed, cannot send mail, and any received email is deleted.
• A normal sharing notification from Google would have the name of the document in the body as well.
• When clicking on the link, a user is asked to allow access to email and contact information in Google mail.  This would never happen from a valid Google share.

Additional notes

• This is an extremely dangerous phishing attempt. If you clicked on this link and allowed access to your Google mail, please contact the Service Desk immediately at x7224 or servicedesk@vassar.edu.
• This phishing attempt was widespread and widely reported.  There is an overview of the incident here:  http://money.cnn.com/2017/05/03/technology/google-docs-phishing-attack/index.html
• A phone call to the alleged sender would quickly verify if this is a legitimate email. It only takes a few minutes to pick up the phone!
• Report it as phishing to Google. Before deleting the message, make sure to click on “report phishing”.
• A little paranoia goes a long way! Be suspicious of any email messages similar to this one.