Why this looks valid

  • The email comes directly from Microsoft Sharepoint, and is the email address used for valid Sharepoint notifications
  • The email may appear to be from a Marist College employee

Why this is phishing

  • The shared document leads to a Microsoft Form that asks for an email address and "Portal Pass" (eg. password)
  • The Microsoft Form does not resemble any Marist College authentication service
  • Marist College will never ask any user for their password in a form

Additional notes

  • This is an extremely dangerous phishing attempt. If you clicked on the link and entered information into the form, please contact the Help Desk immediately at x4357 (HELP) or
  • This scam can also originate from a valid Google Apps share. By mindful of any unsolicited file shares from any source.
  • Remember:  always check the link.  You can hover over the link in the email to ensure that it going to a Marist College service.
  • Report this message to Microsoft. In Outlook on the Web, click the Junk menu, and select Phishing.
  • A little paranoia goes a long way! Be suspicious of any email messages similar to this one.