Phishing Alert: Missing Reconciliation Worksheet

Date Sent: Sep 15, 2021

Phishing Summary:

In this phishing email, the attacker is trying to disguise themselves as a member of the Gettysburg College Financial Aid Department. The attacker claims that the student recipients have missing or inaccurate information on their Reconciliation Worksheet and need to update the information through link URL's that are placed within the message. The purpose of the deceptive URL links is for students to provide personal information that the attacker can then use.

Spotting the Phishing

The yellow caution disclaimer indicates that the message did not come from within Gettysburg College. This can be confirmed is you look at the senders address, as it does not show @gettysburg.edu but @gettysburg-college.com. There is a generic greeting being used, which is not addressed to a specific user, “Attention Student”. The email also creates a sense of urgency requiring immediate action, which is done to create a sense of panic so the recipient clicks the links without thinking. There are 4 links within the email, all 4 point to the same URL which does not look to be associated with Financial Aid at all.

What should you do if you receive a Phishing Scam?

  • Don't reply
  • Don't click on any links
  • Don't open any attachments
  • Report as spam or immediately delete the email

What should you do if you accidentally clicked on any of the links?

  • Immediately change your password, scan your device for viruses and contact the IT Helpdesk or by calling 717.337.7000