Unsolicited requests or offers especially ones from addresses you don't recognize, should never be trusted.

A popular phishing technique is selecting a current event or of annual event to send out fake announcements, alerts, or appointments for.  Taxes, elections, and even the current pandemic as seen here, look legitimate as it's a topic being actively discussed on media etc....  As always double checking the sending address and any URL's contained in the message before trusting it. 

This phish contained an attachment claiming to be an invoice due, but likely this file is malware.  Pretending to be an invoice due creates a sense or urgency.

This a is fairly easy phishing attempt to spot, but is a reminder to never trust links or attachments in unsolicited emails. 

This phish can have costly consequences.  The hope is the HR person this was sent to will reply and request the information for the direct deposit account (of course the attacker's account).  This is a great reminder to take a good look at the sending address of the message (it was NOT the employee's Holy Cross email) and follow up not using any information or reply from the message. 

The phish was crafted to look like it came from a VIP at the College, hoping the recipient would react quickly and not question it. 

This phish tries to look like a collaboration request on for a document (transcript in this case).  The link goes to a document containing links to malicious sites posing as login pages. 

This sort of phishing technique occurs quite often.  It's always a very short and vague message and often tries to look like it came from someone at Holy Cross.  The sender's hope is to get a response and open a dialog, eventually asking for a gift card or credentials to an account. 

There's been an uptick in phish purporting to come from department heads or even higher that containing an attachment or link to online document.  The hope is to get the recipient to react quickly and open or link to the document.  Always double check the sending address and give thought if this message is something you would expect from the sender. 

This is a phish purporting to be a College employee yet clearly not from a Holy Cross email address.  They are requesting a change in direct deposit in hopes the receiver will divert funds to someone else's bank account.