Why this looks valid
- The email appears to be from from Vassar College
- The email presents itself as a zipped excel document
Why this is phishing
- The from address is not from Vassar.edu
- The attachment is encrypted with the password in the text of the email
- Vassar college will NEVER send bank transfer requests without director supervision to your inbox.
- The Encrypted document is malicious and can be used to infect your computer.
Additional notes
- This is an extremely dangerous phishing attempt. If you clicked on this link and filled in your credentials, please contact the Service Desk immediately at x7224 or servicedesk@vassar.edu
- Report it as phishing to Google. Before deleting the message, make sure to click on “report phishing”.
- A little paranoia goes a long way! Be suspicious of any email messages similar to this one.
- Did you know: the best way to protect your accounts is by using multi-factor authentication. See our post here: http://pages.vassar.edu/catchoftheday/2017/06/29/best-practice-enabling-multi-factor-authentication-with-duo/