A new type of phishing email is making the rounds.  This one targets the employees of a specific educational institution and appears to come from the president. It includes the right signature line and logo to enforce the deception.  Subject lines of the emails include:

• Codes of conduct
• Ethical standards
• Proper workplace behavior
• Rules governing conflicts of interest

The emails tends to announce new policies around employee conduct or discusses the renewed focus on ethical professional behavior. They look something like this:

They include an attachment that when opened, takes the employee to a web page that look like a legitimate login page.  What makes this one truly diabolical is once the login credentials are entered, the employee is taken to a legitimate website so they think nothing is amiss.

This is a great time to remind everyone to confirm the legitimacy of emails containing links or attachments that they are not expecting. As criminals can now make it look like an email is coming from someone our know, right down to the correct email address, there is no way to tell if an email is a phish or not unless you contact the person who appears to have sent it.