CORRECTION OF ACCOUNT
This phish typically originates from a non-Cornell email. The sender may appear as "[Spoofed Name] <[user]@gmail.com>" and impersonates a Cornell University employee. The sender's goal is typically to coerce a Human Resources or other administrative staff member to make a fraudulent direct deposit change. Do not reply to the sender.
Happy Wednesday,
I want to make a change to the checking account details associated with my account before my next paycheck is processed.
What data is required for the change to be made?
Thank you,
[Spoofed Name]