Email spoofing is a technique used in spam and phishing attacks to trick email recipients into thinking a message came from a person or entity that they either know or can trust. In these spoofing attacks, the sender forges email accounts with a display name of an individual the recipient may know and thus more likely to trust it. Unfortunately this can lead to clicking on malicious links or attachments within the email message.
When you receive a suspicious email that appears to be from someone you know, make note if the subject line has an [EXTERNAL] tag or not. This could show that while the display name is familiar, the email address is actually not an rpi.edu
Common, but not exhaustive scams, include student work-at-home and requests for gift cards. Also, there are attempts to obtain cell phone numbers with the goal to take the scam out of the RPI email and phone system.
Quishing is scammers sending phishing emails that contain QR codes: Five Common QR code scams
The below article has helpful information to look out for when trying to determine if an email is legitimate or not:
How do you know if you received a Phishing or Spoofing Email
This section has more in-depth information on Spam and Phishing
When in doubt you can always forward the email to: itssc@support.rpi.edu and DotCIO will look into it for you.
Posted: 09/19/2023