This phish typically originates from a non-Cornell account. The sender may appear as "Expedited Retrieval <[user]@skytechcontrol.io>". The link within directs to a fake login page. Do not follow the link nor contact the sender. If you entered your credentials into the linked form, change your NetID password immediately at https://netid.cornell.edu.