While Phishing is a constant threat to organizations and individuals, we wanted to make you aware of a recent phishing attempt that has been seen at Crowder.
The body of the email contains a picture of text and a QR code, avoiding many of the email filters detections. Furthermore, the QR code is generated for a Constant Contact url, a legitimate service used by many organizations to distribute emails. Lastly, the email came from a known education group (not Crowder) with a .edu email address, giving it further credibility.
Fortunately, Crowder users flagged the email for review and Information Services has blocked the future emails to Crowder from this sender. Despite this success, we expect criminals to continue to use QR codes and legitimate services, like Constant Contact, to phish organizations. Please be cautious of all emails, looking for oddities, and especially QR codes and shortened urls that hide where they actually direct.
A screenshot of the malicious email is below: