Recently the Information Security Office has noticed many instances of a phishing scam requesting users to download a document from Drop-Box for their financial records. The e-mail contains many different sections that may seem legitimate, but you should NOT open the link or respond to the e-mail. Please note that the download link in the body of the e-mail can be different than the one that is pictured.
Please remember to never open attachments from unrecognized senders or follow links to sites you are unfamiliar with. Opening the attachment(s) or navigating to the phishing web page could infect your machine and/or leak personal information. Another check is to look at the sender of the e-mail. Normally a legitimate organization will have a somewhat simple naming convention for their e-mail accounts (relating to the user’s name), and their domain will coincide with their company name. If either the name or the domain seem suspicious, be cautious when responding or acting.
If you receive a suspicious email, please forward it to firstname.lastname@example.org. If you fall victim to one of these attacks, change your password immediately, and contact the Help Desk to make sure your machine is not infected.