This targeted phishing scam used a compromised Auburn account to urge the recipient to click on a malicious link.
Tips if Something Seems Off:
Double-check the sender/email address before responding.
Look to make sure the email address is correct and the sender is someone you would expect to contact you. In Gmail or Outlook, hover your mouse over the sender's name for the email to display. On a mobile phone or a touchscreen, press and hold the link (don't tap!) to reveal the actual URL. (Look in the bottom left corner of the browser window.) Don't click on a link unless it goes to a URL you trust. In this example, when hovering over the link, the link goes to jotform.com which is different from the displayed text (microsoft/verification/auburn/.com). Along with that, the sense of urgency caused by the 24-hour notice to termination is a common trick with phishing emails. One last hint that this is a phishing email is that the subject is MICROSOFT OFFICE while the sender (which has been redacted) was an Auburn student.
Original Message
Warning
The links and email addresses included in these messages are from real-life examples, do not attempt to explore them.
The most dangerous links have been removed - you can hover your cursor over these links to see the original address in a pop-up techtip (instead of in the corner of the browser window).