The main concern is the QR Code? Where will it take you? Will it go to a malicious website? There are a few indicators that this is not legitimate, specifically since both NYU and Purdue are mentioned in the email. We've updated the QR code so it takes you to the RIT Phish Bowl.
This is an example of a Business Email Compromise attack. The attacker is spoofing the name of an RIT leader and attempting to get the recipient to do something for them. In this case, they're allegedly asking to help with a payment.
Staff member giving away piano scam. Note the request to reply with a personal email address so that RIT won't be able to block future communications. The goal of this scam is to get people to pay shipping charges.
Please note that this job scam is being received from multiple email addresses. Multiple "tells" to indicate it's not a legitimate email: Liaise, other debts, request for an alternative e.mail address.
RIT is receiving emails that appear to come from RIT leaders with a link to a 2023 Payroll Payment and Grants Scheduled document in Google Drive. The document is a form that is used to capture usernames and passwords.
RIT is receiving spoofed messages purportedly from RIT leaders providing a link to a 2023 Staff Salary Structure Form. The form is used to collect usernames and passwords. If you've responded to the form, please change your password and report any unexpected Duo prompts.
Google Drive notifications are often integrated into Slack. The screenshot shows a Slack notification. Note that the Spoofed RIT Send name has an external email address. There are no other indications that it's not authentic.