UPDATE PAYCHECK ACCOUNT
This phish typically originates from a non-Cornell account. The sender may appear as "[Spoofed Name] <[user]@gmail.com>" and impersonates an employee. The scammer typically aims to coerce a Human Resources or other administrative staff member into making a fraudulent direct deposit change. Do not reply to the sender.
Hello [Name],
I hope you're doing well.
I'm reaching out to request an update to my bank details before the upcoming payroll deposit. Could you kindly guide me on the specific details you require for this update?
Thank you for your assistance, and I appreciate your swift response.
[Spoofed Name]
[Spoofed Title]
Sent from my iPhone