This phish typically originates from a non-Cornell account. The sender may appear as "Cornell HR. <[user]@orientcargo.com>". Do not scan the QR code nor contact the sender. The QR code directs to a fake login page. If you entered your credentials into the page, change your NetID password immediately at https://netid.cornell.edu.
At Cornell we value your privacy. To view our university's privacy practices, including information use and third parties, visit University Privacy.