An image of a letter being caught by a fishing pole with the text "Gone Phishing"


Menu Display

Breadcrumb

Asset Publisher

PHISHING: New dates for payroll

Why this looks valid

  • The email includes a Marist logo
  • The email says it is from Marist payroll
  • The website looks exactly like the valid Marist College sign on page
  • After entering credentials, it asks for a Duo passcode on a page that looks exactly like the Duo prompt

Why this is phishing

  • The from address is not a marist.edu email
  • The orange EXTERNAL EMAIL banner shows that it came from off-campus
  • The Marist College sign-in page is not a marist.edu website
  • The Duo page is not a duo.com website and does not allow any Duo authentication options except for a passcode 

Additional notes

  • This is an extremely dangerous phishing attempt. If you clicked on the link and filled in your Marist credentials and a Duo passcode, please contact the Help Desk immediately at x4357 (HELP) or helpdesk@marist.edu (please note that just clicking on the website is not harmful and poses no risk to your computer or information).
  • How does this work? After putting in your Marist credentials, a new page asks for a Duo passcode. If you put in the passcode, attackers will use your Marist credentials to log into your Marist account, and input the Duo passcode in order to complete mutli-factor authentication. Since you have not actually used the code, the attacker can use it to get into your account.
  • Spelling and grammatical errors are good indicators of malicious emails.
  • Remember:  always check the link.  You can hover over the link in the email to ensure that it goes to the service referenced in the email. On a mobile device, you can tap and hold the link to preview the page and see the website location.
  • Report this message to Microsoft. In Outlook on the Web, click the Junk menu, and select Phishing.
  • A little paranoia goes a long way! Be suspicious of any email messages similar to this one.