This phish tries to look like a secure file that came from an internal system, but in reality the uvic.ca sender address has been spoofed.
Other signs that this email is not legitimate:
- There are grammatical and capitalization errors, including the incorrect “Uvic” in the sender display name
- The email creates a false sense of urgency by saying the file will expire tomorrow
- Hovering over “Get your file” would reveal a destination link that’s not on UVic or Microsoft.
- The broken images might also be a bad sign, but in this case it’s not clear whether they would have worked in a different mail client.
