Why this looks valid

• The email may appear to come from a Marist College colleague
• The email uses the same email format and language as a legitimate Docusign notification
• Requests to e-sign documents is very common
• The message is personalized for the recipient
• There is a disclaimer at the bottom of the message

Why this is phishing

• The QR code link does not go to a Marist College website or service
• Legitimate e-signature platforms do not ask the user to scan a QR code
• Most of the email message is a digital image, as opposed to text

Additional notes

• This is an extremely dangerous phishing attempt. If you scanned the QR code and filled in your personal information, please contact the Help Desk immediately at x4357 (HELP) or helpdesk@marist.edu .
• Beware of QR codes:  QR Codes embedded in phishing emails are become more popular as a way to evade email threat detection and bypass standard Cybersecurity tools that are used on most desktops and laptops. See our recent post about quishing to find out more!
• Report this message to Microsoft. In Outlook on the Web, click the Junk menu, and select Phishing.
• A little paranoia goes a long way! Be suspicious of any email messages similar to this one.