...
Very often, this can be an immediate red flag that something is amiss. You cannot necessarily trust the name itself on an email - instead, a good habit is to always check the sender’s email address. A well known company is very likely not reaching out to you via an gmail.com or hotmail.com address, for example.
There are generally no restrictions on what one sets as their name with email - it’s the same as you being able to freely sign a paper letter with whatever you want. You’re free to use your name, a nickname, or even someone else’s name. Checking the address will very often expose these kinds of social engineering attempts. Receiving an email with the name of a co-worker in no way guarantees their identity and these attacks are relying on your glancing over this.
If you receive such a message, and it’s not from an address you recognize (ideally, any and all Felician related correspondence should be coming from another @felician.edu or @students.felician.edu email address) then something may be wrong. Remember, security happens in layers - even this isn’t an absolute guarantee. If it sounds strange and it came from a Felician address, something may still be wrong!
Additionally, hovering your mouse over the link will show it to you. This can often be a crucial hint as to whether the destination is where you’d expect it to. Beware look-alikes as well! Just because the company name is in the URL does not guarantee its safety, such as:
...