This email has multiple indicators of phishing. A first yet subtle sign is that the email is coming from capp@auburn.edu, which is a student affairs account - not a payroll related account. While this email was not labeled as external mail and came from an email of an @auburn address, you can look at more of the obvious display of the email. The Auburn University logo and statement of "Auburn University" seems to be pushed too close together. There is no punctuation on the second line of "Navigate below to view." Another point to make about this phishing attempt is that this email was not typed but instead the message was sent in the form of an image. Also, it uses a generic signature line of "Information and Technology" instead of the Office of Information and Technology. Since this is payroll affiliated, it would make more sense for payroll to be administered by Human Resources (HR). Considering this, Auburn University does have an official signature - which is not present on this email.
Tips if Something Seems Off:
Double-check the email address before responding.
Look to make sure the email address is correct. In Gmail hover your mouse over the sender name for the email to display. On a mobile phone or a touchscreen, press and hold the link (don't tap!) to reveal the actual URL. (Look in the bottom left corner of the browser window.) Don't click on a link unless it goes to a URL you trust.
If you didn't expect it, reject it.
Original Message
Warning
The links and email addresses included in these messages are from real-life examples, do not attempt to explore them.
The most dangerous links have been removed - you can hover your cursor over these links to see the original address in a pop-up techtip (instead of in the corner of the browser window).