Phishing: Subject "[EXT] Kenneth Wearden shared "school assessment1" with you

Why?

Information Security has identified this phishing scam being sent to WPI.edu email addresses. 

Action Needed

If you received this message, DO NOT reply, click any links, open the "school assessment1" attachment, or provide any personal information. If your account was compromised by responding to this message, please work with the IT Service Desk and Information Security teams to regain access. Any time that you receive a suspicious email, please forward it as an attachment to phishing@wpi.edu, or use the report button in Outlook and delete.

Details

Information Security has identified this as the latest phishing email that circulated within the WPI community. 

Please note:   

This message was not sent by Vice President of University Advancement, Donna Stock.

The phishing attempt details:

Sent: Beginning Monday, May 6

Subject:  EXT] Kenneth Wearden Shared "School Assessment1" With You

From: The sender appears as Kenneth Wearden <no-reply@sharepointonline.com>: 

Body: Attempts to lure you to open a file named "school assessment1" s

Please note the following characteristics of phishing in this message:

1. Subject includes [EXT] which indicates the message originated outside of WPI. 

2. From indicates the message is from Kenneth Wearden <no-reply@sharepointonline.com>, but system messages would actually appear from SharePoint Online <no-reply@sharepointonline.com>.

3. Outlook warns you don't often get email from Kenneth Wearden <no-reply@sharepointonline.com>".

4. The message claims that the file is from Donna Stock, but a different address is in From, To, CC.

5. Do not scan open the file because the subject, sender, Outlook warning, and message content indicate this message is suspicious.