Why this looks valid

• The email comes directly from Microsoft Sharepoint, and is the email address used for valid Sharepoint notifications
• The email may appear to be from a Marist College employee

Why this is phishing

• The shared document leads to a Microsoft Form that asks for an email address and "Portal Pass" (eg. password)
• The Microsoft Form does not resemble any Marist College authentication service
• Marist College will never ask any user for their password in a form

Additional notes

• This is an extremely dangerous phishing attempt. If you clicked on the link and entered information into the form, please contact the Help Desk immediately at x4357 (HELP) or helpdesk@marist.edu.
• This scam can also originate from a valid Google Apps share. By mindful of any unsolicited file shares from any source.
• Remember:  always check the link.  You can hover over the link in the email to ensure that it going to a Marist College service.
• Report this message to Microsoft. In Outlook on the Web, click the Junk menu, and select Phishing.
• A little paranoia goes a long way! Be suspicious of any email messages similar to this one.