Why this looks valid
- The “from” field appears to contain a valid Vassar email address.
- The message looks similar to a Dropbox notification, including the usage of a valid logo.
- Vassar College constituents often use Dropbox to share files.
Why this is phishing
- The URL, or link, contained in the message does not link to Dropbox.
- The destination link asks the user to pick from a number of services to login, as opposed to going directly to a Dropbox login screen.
- Grammar errors, spelling errors, and generic salutations and sign-offs are usually indicative of a suspicious email.
Additional notes
- A phone call to the alleged sender would quickly verify if this is a legitimate email. It only takes a few minutes to pick up the phone!
- Report it as phishing to Google. Before deleting the message, make sure to click on “report phishing”.
- A little paranoia goes a long way! Be suspicious of any email messages similar to this one.