Skip to content

Phish Bowl

The Phish Bowl features examples of phishing emails received by members of the University of Toronto (U of T) community to help you identify and report suspicious emails.

If you have received any of the phishing emails below or other suspicious emails, please report it to and delete it immediately from your mailbox. Don’t click any links, download attachments or engage with the sender. Please do not forward or share the email with your colleagues and other contacts.

Learn more about what to do if you suspect a phishing attempt.

[Phish] Utoronto New FaxMessage Received on 29/06/2021

Details: From: [Redacted] Subject: Utoronto New FaxMessage Received on 29/06/2021 Attachment: Utoronto.ca_Fax-Message.html Banner: EXTERNAL EMAIL: This sender has been verified from safe senders list.* *This is not a University of Toronto-approved banner Text: New Fax Notification For [redacted]. DTMF/DID: +692 692-7810 Received: 29/06/2021 – 15:27:59 GMT Resolution: Fine Type: Attachment Number of pages: 2 ...

[Phish] Online Data entry part-time job.Work From Home

Details: From: COMPROMISED ACCOUNT <> To: [redacted] Subject: Online Data entry part-time job.Work From Home Text: Work an hour a day remotely from your location entering data for various companies and hospitals.   Skills needed Good in Excel Accuracy Basic computer knowledge Send your resume and all inquiries to: BADGUY-ACCOUNT@gmail DOT com

[Phish] JOB

Details: From: COMPROMISED ACCOUNT <> To: [RECIPIENT] <[redacted]> Cc: [redacted]@LPL.COM Subject: JOB Text: Are you interested in this position account receivables agent for Metscco Heavy Steel Industries Co. Ltd, who can handle its account from its customers/clients in Canada or USA Thanks, The HR Team

[Phish] Got a moment

Details: From: Dr. Jane Doe <> To: [redacted] Subject: Got a moment Text: Available? – – Dr. Jane Doe University Professor B.Eng., M.Eng (McGill), Ph.D. (Stanford), P.Eng. Canada Research Chair in in Transnational Molecular Geometry

[Phish] < no subject >

Details: From: COMPROMISED ACCOUNT <> To: [Recipient] <[redacted]> Subject: <no subject> Text: All Staffs and Student are expected to migrate to the New 2020 Utoronto Web portal to access  click here to migrate:

[Phish] Re: MBPGSA Email – Friday Night Live @ the ROM!

Details: From: [University of Toronto student] To: [University of Toronto staff member] Subject: Re: MBPGSA Email – Friday Night Live @ the ROM! Text: Hi there, I hope everything is great Here’s details you have demanded most recently. Please don’t hesitate to get the needed files as an attachment. Feel free to make contact with ...

[Phish] University of Toronto

Details: From: [Redacted] To: [University of Toronto student] Subject: University of Toronto Text: Dear User, This is to inform you that our web-mail server has been scheduled for upgrade and maintenance. To avoid your e-mail account been terminated during this upgrade Send “UTORONTO UPGRADE” to (xxx) xxx-0945 You will receive instructions via text on how ...

[Phish] Part-Time Personal Assistant Needed

Since May 25, the University has received several reports of a phishing scam that targets University of Toronto (U of T) students by encouraging them to “apply” for part-time work opportunities. The attack attempts to manipulate students into divulging personal information to a potential employer. You can see two examples of these malicious emails below. ...

[Phish] Re: Quick Respond

On May 21, members the University of Toronto (U of T) community received a malicious email that impersonated a well-known division head. The attack attempted to manipulate recipients into purchasing a large quantity of iTunes gift cards.   Fortunately, the attack was thwarted by a sharp-eyed staff member who recognized the classic signs of a phishing email, including a suspicious email ...

[Phish] [Redacted] shared “Doc010” with you.

This phishing email was sent to a department at the University of Toronto. The message is purportedly from someone who shares a first name with a department member, but the email address does not use a University domain. The email invites the user to access a OneDrive document that appears to be from the department’s manager, but the link is malicious. Details: ...