An image of a letter being caught by a fishing pole with the text "Gone Phishing"

Menu Display


Asset Publisher

NEWS: Employee Assistance Program

Why this looks valid

  • The email appears to be from Marist College
  • Employee Assistance Program portals are services often offered by Human Resources departments

Why this is phishing

  • The from address in this case was a Marist user address but wasn't someone from Human Resources
  • There is no branding or other indicators that this is a valid email
  • The link goes to a form that is not hosted at Marist or on any approved collaboration services such as Microsoft Office Forms
  • All Marist employee services are available on the My Marist HR tab
  • The name signed on the email does not match the sender address.

Additional notes

  • This is an extremely dangerous phishing attempt. If you clicked on the link and/or filled in your Marist credentials, please visit to reset your password. Please also contact the Help Desk immediately at x4357 (HELP) or to let them know you entered your credentials.
  • Spelling and grammatical errors are good indicators of malicious emails.
  • Remember:  always check the link.  You can hover over the link in the email to ensure that it goes to the service referenced in the email. On a mobile device, you can tap and hold the link to preview the page and see the website location.
  • Remember:  always verify Duo pushes were initiated by you. The attacker was able to get into user accounts after users willingly accepted pushes initiated by the attacker.
  • Report this message to Microsoft. In Outlook on the Web, click the Junk menu, and select Phishing.
  • We've seen this one before! Check the phishing post from May 29th, 2023.
  • A little paranoia goes a long way! Be suspicious of any email messages similar to this one.