{"id":1523,"date":"2026-03-23T12:39:20","date_gmt":"2026-03-23T16:39:20","guid":{"rendered":"https:\/\/www.montclair.edu\/phish-files\/?p=1523"},"modified":"2026-03-23T12:45:23","modified_gmt":"2026-03-23T16:45:23","slug":"statement-from-the-montclair-state-university-is-ready-to-view","status":"publish","type":"post","link":"https:\/\/www.montclair.edu\/phish-files\/2026\/03\/23\/statement-from-the-montclair-state-university-is-ready-to-view\/","title":{"rendered":"Statement from The ÌÇÐÄvlog is ready to view"},"content":{"rendered":"<h2 data-section-id=\"1311924\" data-start=\"931\" data-end=\"973\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.montclair.edu\/phish-files\/wp-content\/uploads\/sites\/290\/2026\/03\/Statement-from-The-Montclair-State-University-2.png\" alt=\"The image displays a welcome message from ÌÇÐÄvlog for staff, outlining employee benefits such as health insurance, dental insurance, flexible spending accounts, and paid time off.\" width=\"640\" height=\"506\" \/> <img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.montclair.edu\/phish-files\/wp-content\/uploads\/sites\/290\/2026\/03\/Statement-from-The-Montclair-State-University.png\" alt=\"The image shows a login prompt overlaying a document, asking for email and password to access the content.\" width=\"911\" height=\"514\" \/><\/h2>\n<h2 data-section-id=\"1311924\" data-start=\"931\" data-end=\"973\">Why This Email Might Look Legitimate<\/h2>\n<p data-start=\"975\" data-end=\"1041\">This phishing attempt is designed to appear credible to employees:<\/p>\n<ul data-start=\"1043\" data-end=\"1390\">\n<li data-section-id=\"1m8zjw0\" data-start=\"1043\" data-end=\"1114\">Familiar HR-related language (compensation, benefits, statements)<\/li>\n<li data-section-id=\"lebhll\" data-start=\"1115\" data-end=\"1187\">References to real employee benefits (e.g., health insurance, PTO)<\/li>\n<li data-section-id=\"xycdub\" data-start=\"1188\" data-end=\"1241\">Use of university branding\/logos to build trust<\/li>\n<li data-section-id=\"au082x\" data-start=\"1242\" data-end=\"1307\">Hosted on Google Docs, a commonly used and trusted platform<\/li>\n<li data-section-id=\"1flcc2b\" data-start=\"1308\" data-end=\"1390\">Minimal wording, which can make it feel like a routine internal notification<\/li>\n<\/ul>\n<h2 data-section-id=\"hdagm\" data-start=\"1397\" data-end=\"1427\">How We Know It\u2019s a Phish<\/h2>\n<p data-start=\"1429\" data-end=\"1521\">There are several red flags that indicate this is not a legitimate university communication:<\/p>\n<ul data-start=\"1523\" data-end=\"1855\">\n<li data-section-id=\"68usc0\" data-start=\"1523\" data-end=\"1599\">Generic and unclear wording (\u201cThe ÌÇÐÄvlog is ready to view\u201d)<\/li>\n<li data-section-id=\"w7xw8b\" data-start=\"1600\" data-end=\"1664\">Unexpected message\u2014no prior notice about a new \u201cstatement\u201d<\/li>\n<li data-section-id=\"huk0gl\" data-start=\"1665\" data-end=\"1757\">Google Docs link instead of an official Montclair system (e.g., HR or payroll portal)<\/li>\n<li data-section-id=\"1am1xga\" data-start=\"1758\" data-end=\"1801\">Login prompt on a non-university page<\/li>\n<li data-section-id=\"t1cwff\" data-start=\"1802\" data-end=\"1855\">Lack of official contact information or context<\/li>\n<\/ul>\n<p data-start=\"1857\" data-end=\"2041\">Legitimate university communications about compensation or benefits will always direct you to official systems and will not request login credentials through third-party platforms.<\/p>\n<h2 data-section-id=\"1i29nwq\" data-start=\"2048\" data-end=\"2088\">What Happens If You Click the Link<\/h2>\n<p data-start=\"2090\" data-end=\"2146\">If you interact with the document and attempt to log in:<\/p>\n<ul data-start=\"2148\" data-end=\"2529\">\n<li data-section-id=\"rb9p4j\" data-start=\"2148\" data-end=\"2231\">You may be directed to a fake login page designed to capture your credentials<\/li>\n<li data-section-id=\"1icsahn\" data-start=\"2232\" data-end=\"2302\">Your NetID, password, or Duo authentication could be compromised<\/li>\n<li data-section-id=\"195hzlu\" data-start=\"2303\" data-end=\"2448\">Attackers could gain access to:\n<ul data-start=\"2339\" data-end=\"2448\">\n<li data-section-id=\"1pkmss0\" data-start=\"2339\" data-end=\"2377\">Email and sensitive communications<\/li>\n<li data-section-id=\"358mfu\" data-start=\"2380\" data-end=\"2402\">Montclair systems (Workday, Nest, etc.)<\/li>\n<li data-section-id=\"2fzu1i\" data-start=\"2405\" data-end=\"2448\">Personal or payroll-related information<\/li>\n<\/ul>\n<\/li>\n<li data-section-id=\"cq3eyl\" data-start=\"2449\" data-end=\"2529\">Your account may then be used to <strong data-start=\"2484\" data-end=\"2519\">send additional phishing emails<\/strong> to others<\/li>\n<\/ul>\n<h2 data-section-id=\"42zfp6\" data-start=\"2536\" data-end=\"2551\">What To Do<\/h2>\n<p data-start=\"2553\" data-end=\"2600\">If you receive this email or something similar:<\/p>\n<ul data-start=\"2602\" data-end=\"2737\">\n<li data-section-id=\"l6bmkh\" data-start=\"2602\" data-end=\"2629\"><strong data-start=\"2604\" data-end=\"2629\">Do not click the link<\/strong><\/li>\n<li data-section-id=\"9z5puq\" data-start=\"2630\" data-end=\"2698\">Report the email using the <a href=\"https:\/\/www.montclair.edu\/information-technology\/security\/pab\/\"><strong data-start=\"2632\" data-end=\"2687\">Phish Alert Button (PAB)<\/strong><\/a><\/li>\n<\/ul>\n<p data-start=\"2739\" data-end=\"2799\">If you already clicked the link or entered your information:<\/p>\n<ul data-start=\"2801\" data-end=\"3037\">\n<li data-section-id=\"1888j4w\" data-start=\"2801\" data-end=\"2850\">Change your <a href=\"https:\/\/iams-amc.montclair.edu\/page-intro\">NetID<\/a> password immediately<\/li>\n<li data-section-id=\"16xx35h\" data-start=\"2851\" data-end=\"2933\">Report the incident using the <a href=\"https:\/\/www.montclair.edu\/information-technology\/security\/pab\/\"><strong data-start=\"2853\" data-end=\"2933\">Phish Alert Button<\/strong><\/a><\/li>\n<li data-section-id=\"wmhp1y\" data-start=\"2934\" data-end=\"3037\">If you approved a Duo request you did not initiate, <strong data-start=\"2988\" data-end=\"3037\">deny future requests and report it right away<\/strong><\/li>\n<\/ul>\n<h2>Additional Notes:<\/h2>\n<ul>\n<li><strong>Remember<\/strong><strong>:<\/strong>\u00a0Information Technology will never text you. We will also never request your password or Duo codes,\u00a0<strong>ever<\/strong>.<\/li>\n<li>Information Technology will\u00a0<strong data-start=\"1865\" data-end=\"1872\">not<\/strong>\u00a0ask you to verify accounts or submit passwords through unofficial forms or unexpected email links.<\/li>\n<li>Do you think you\u2019ve fallen for a scam? Did you share personal information? Downloaded malicious content? Please contact the IT Service Desk at\u00a0<a href=\"tel:973-655-7971\" class=\"\"><span class=\"a11y-phone-number initialized\" aria-label=\"9 7 3 6 5 5 79 71 \">973-655-7971<\/span><\/a>\u00a0option 1 or email\u00a0<a href=\"mailto:itservicedesk@montclair.edu\">itservicedesk@montclair.edu<\/a>.<\/li>\n<li>Use the\u00a0<a href=\"https:\/\/www.montclair.edu\/information-technology\/security\/pab\/\">Knowbe4 Phish Alert Button (PAB)<\/a>\u00a0to report malicious emails directly to the Information Security team for review. If you are not using the Gmail client please forward the email to\u00a0<a href=\"mailto:phishfiles@montclair.edu\">phishfiles@montclair.edu<\/a>.<\/li>\n<li>Always use the \u201chover over\u201d technique to check web links before clicking! For more security tips please visit our\u00a0<a href=\"https:\/\/www.montclair.edu\/information-technology\/security\/security-tips\/\">Security Tips<\/a>\u00a0page.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Why This Email Might Look Legitimate This phishing attempt is designed to appear credible to employees: Familiar HR-related language (compensation, benefits, statements) References to real employee benefits (e.g., health insurance, PTO) Use of university branding\/logos to build trust Hosted on Google Docs, a commonly used and trusted platform Minimal wording, which can make it feel [&hellip;]<\/p>\n","protected":false},"author":349,"featured_media":1525,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[3],"tags":[],"class_list":["post-1523","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-phishing"],"_links":{"self":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts\/1523","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/users\/349"}],"replies":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/comments?post=1523"}],"version-history":[{"count":3,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts\/1523\/revisions"}],"predecessor-version":[{"id":1529,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/posts\/1523\/revisions\/1529"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/media\/1525"}],"wp:attachment":[{"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/media?parent=1523"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/categories?post=1523"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.montclair.edu\/phish-files\/wp-json\/wp\/v2\/tags?post=1523"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}