麻豆传媒在线

Phish Files
Abstract Aliens On Flying Saucers Northern Lights Lighthouse Mountains Water Tree Sun Background Gradient Unidentified Flying Object Ufo Stars Vector Design Style Landscape
Phish Files Articles
March 4, 2026

Item shared with you: “Total Rewards Compensation – 麻豆传媒在线.pdf”

Posted in: Phishing

screenshot of a fake google doc share about total reward compensation.

Why This Looks Legitimate

  • It references a 鈥2026 Total Compensation Statement,鈥 which sounds like a legitimate HR document.

  • The message appears as a Google Doc share, a tool commonly used for collaboration.

  • The document includes real 麻豆传媒在线 employees鈥 names in the comments/notes, making it look like others are already reviewing it.

  • It mentions salary, benefits, and retirement contributions, topics that are typically handled by Human Resources.

These details are meant to make the document feel routine and credible.

Signs It鈥檚 a Phishing Attempt

Even though the message looks professional, there are several warning signs:

  • Unexpected document share 鈥 Compensation statements are not typically distributed through shared Google Docs.

  • External sender 鈥 The document originates from an account outside the university.

  • Generic message 鈥 The document does not include your name, department, or employee ID.

  • Suspicious link inside the document 鈥 The text 鈥渟tatement online鈥 is a clickable link rather than directing users to an official HR system.

  • Use of real names in comments 鈥 Attackers sometimes include real employee names to make the document appear legitimate.

What Happens If You Click the Link

The link in the document does not lead to a legitimate compensation statement.

Instead, it redirects users to a malicious form requesting university login credentials. These forms are designed to capture usernames and passwords and send them directly to attackers.

Once credentials are submitted, attackers may be able to:

  • Access your university email and files (including Workday)

  • Send phishing messages from your account

  • Attempt to access other university systems tied to your login

What To Do If You Interacted With It

If you clicked the link or entered your credentials, take action immediately:

  1. Change your university password right away.

  2. Do not click the link in the document.

  3. Report the email or document using the Phish Alert Button.

Additional Notes:

  • Remember:聽Information Technology will never text you. We will also never request your password or Duo codes,聽ever.
  • Information Technology will聽not聽ask you to verify accounts or submit passwords through unofficial forms or unexpected email links.
  • Do you think you鈥檝e fallen for a scam? Did you share personal information? Downloaded malicious content? Please contact the IT Service Desk at聽973-655-7971聽option 1 or email聽itservicedesk@montclair.edu.
  • Use the聽Knowbe4 Phish Alert Button (PAB)聽to report malicious emails directly to the Information Security team for review. If you are not using the Gmail client please forward the email to聽phishfiles@montclair.edu.
  • Always use the 鈥渉over over鈥 technique to check web links before clicking! For more security tips please visit our聽Security Tips听辫补驳别.