We have recently received reports of a phishing scam that appears to come from IT Support, with the title "IT Services". The body of the email says "We noticed a login to your University Email account from an unrecognized location ..." (see example screenshot). It suggests you "CLICK HERE" if the login attempt was not made by you.
There is currently a targeted phishing email with the title "Micgill Webmail" . It says your web mail account is expiring and asks you to click on a link to log on. See an example of the message, below.
Several emails designed to appear as though they are from prominent members of the McGill community have targeted recipients both within and outside of the McGill community in recent weeks. These emails may request or provide information, including requests to send money. They have been identified as social engineering attacks.
January 28th is Data Privacy Day. Data Privacy Day is an international effort which began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Data Protection Day commemorates the January 28, 1981 signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection. The Data Privacy Day campaign is officially led by the National Cyber Security Alliance (NCSA).
A security threat -- possibly a Trojan virus -- was found in an email sent to McGill recipients. The subject of the email is "ATTN: You received a shared document", and the link was to AGREEMENT TERMS.
Don't be fooled, especially when the email suggests urgent action. Note that with Trojans and other viruses, recipients do not even have to enter their credentials; they can become infected as soon as they click on a malicious link.
Watch out for emails with title's, such as "Action Required! Campus Relocation" and instructions to "open the shared document" . These types of emails appear to notify you of a document that is being shared with you from a file sharing service. Don't be fooled, especially when the title suggests urgent action.
Watch out for emails with title's, such as "Action Required! Notice of Expulsion" and instructions to "open the shared document" . These types of emails appear to notify you of a document that is being shared with you from a file sharing service. Don't be fooled, especially when the title suggests urgent action.
Beware of emails circulating related to file sharing systems asking you to access a document shared by a McGill person, who may even be one of your contacts.
The latest one reported references "Share-file" and contains the subject "Request from xxxxxx", and contains a link to "Download Documents". It looks very convincing, with a valid-looking McGill signature.
Watch out for emails with a generic title, such as "Review Paperwork" and links to "View Document", "Open Document", etc. These types of emails appear to notify you of a document that is being shared with you from SharePoint or other cloud file sharing services. Don't be fooled.
Watch out for emails that claim they have stolen your password and hacked into your your computer to "watch" you and record your data. They typically threaten to send videos of you watching porn to your contacts unless you "pay up" by transferring bitcoin into an account. You can view an example below.
If you receive such an email, please...
There is a new phishing scam to watch out for entitled "ORDER CONFIRMED" with a fraudulent link to DOWNLOAD RECEIPT. View a screenshot of the message below.
Multiple phishing scams: Various subject lines, including “Update your Office 365 now to Avoid Fraudulent Act”
At this time of year, McGill faces an increased level of phishing attacks targeting our community. It is important to be vigilant of hacking attempts.
Presently, there are multiple phishing scams targeting the McGill community. One email’s subject line is “Update your Office 365 now to Avoid Fraudulent Act” and its body contains a link to open a message. View a screenshot of the message to the left, or view the text version below.
There is currently a phishing scam targeting the McGill community with the email subject "Re: Office 365 Team" from "Administrators Team". The message asks the recipient to click on a fraudulent "Confirm" link to confirm the "Address associated". View a screenshot of the message to the left, or view the text version below.
There is currently a phishing scam targeting the McGill community with the email subject "Email Verification" from "Microsoft Online Services". Users are asked to click on a fraudulent "validate" link in order to confirm their identity and prevent login interruptions to their email account. View an example of the message below.
There is currently a phishing scam targeting the McGill community from robin.willams @stonybrook.edu about information from the McGill Information Centre. Users are asked click on "log-on" for more info. View an example of the message below.