The email message you just read and the link you clicked were part of Ringling’s Phishing Education effort. Phishing is when attackers send fake emails with malicious files or attempt to engage you and steal information such as usernames and passwords. The highlighted items below show indicators that the message was not legitimate. 

[1] Attackers will use urgency and/or excitement to entice you to interact with the email, promising you some kind of reward or warning you if you do not act promptly.

[2] There are ways for an attacker to spoof any email address or sender name.

[3] If an email is unexpected and vague and is trying to get you to confuse you into downloading a file or click a link, it could be fake and you should verify by checking with the sender or get a second opinion from the IT department.

[4] Typos are often common on these types of scams and are a good indication that there is something off about the message

[5] Hovering over the links shows the target domain to be a seemingly random and unsafe link – not a Ringling hosted URL as expected. And while the spoofed page looks similar to the legitimate Ringling website, the domain name is not from “ringling.edu” so it cannot be trusted and could be owned by someone malicious. 

[6] Be sure to scrutinize any site asking you to submit a password.

Phishing attacks are fairly common and it can be easy to fall prey to them. The purpose of this exercise is to increase awareness of how to detect future phishing attempts. By paying attention before you click or download, you can protect yourself and the Ringling community.