It is a common email Phishing tactic to impersonate another person. This can be done using several different methods, from simple to sophisticated. Email by itself is a plain text file that contains several different fields. One of these fields is "From", and attackers will modify this field to appear to come from another individual. For example, although my email address may be "john123@email.com", the email "From" field will make the email look like it is from "jane456@anotheremail.com".
There are different ways to recognize this, the simplest is to look at the sender's email address, if the email seems to come from a PCT employee or student, but the email domain is not "@pct.edu" then the email is suspect and should be closely scrutinized. Contacting the identified PCT employee directly using a College approved communication channel is the fastest way to verify the email.
Another clue to help you recognize these emails is to look for an alert email header provided by Microsoft. Our Microsoft email system actively looks for threats, and email spoofing is often detected by them when the email reaches our systems. If you see a header on your email that looks like the image below then there is a very good chance the email is not legitimate:
There is also the possibility that an attacker could not only change the "From" field on the email but also spoof the email address that the email is being sent from. This is a more sophisticated attack but does happen periodically. These can be harder to detect by Microsoft and the recipient. That is why we must stay vigilant and aware of emails as they are reviewed. Looking for grammatical errors, out-of-context content, and generally suspicious language. Most importantly, never open attachments or click links that you are not expecting without verifying their legitimacy.
If you identify a spoofed email please report the email using the procedure in this linked TDX article:
https://pct.teamdynamix.com/TDClient/1803/Portal/KB/ArticleDet?ID=76840