Don’t fall for online job scams

Job offer scams are a form of phishing used to take advantage of students and new graduates who are seeking employment.

Job offer scams typically work like this—you receive an unsolicited email that invites you to apply for or start a job with a high-paying salary. In most cases, the hacker asks for various forms of information from personal information to banking information, which can be used for financial and identity theft.

This week, many members of the University of Toronto (U of T) community received a fake job offer email (image below), which asked recipients to provide personal and banking information. Let’s brush up on some of the common red flags to help you identify job offer scams:

Job scam email Jan 2022 feature image

View higher resolution image.

  • Generic emails: Hackers send mass emails in anticipation of getting responses from multiple recipients. Emails from legitimate and trusted sources will always address the recipient by name.
  • Poorly worded emails: Phishing emails can often be identified by poor grammar and spelling. Right from the subject line, this job scam email displayed these flaws. Always make sure to read the email carefully and check for spelling and grammatical mistakes, as well as awkwardly worded sentences.
  • Unsolicited emails: Most companies post job vacancies on their careers portal or legitimate job boards. One way to validate the legitimacy of a job posting is to check for the posting on the company’s official website or job boards. If you didn’t apply for the position and the person contacting you isn’t a recruiter from a reputable company or recruitment firm, the odds are it is a scam.
  • Emails from fake companies: Hackers also use advertising and job listing websites to “recruit” potential victims. Ensure that you do a search online for the company name and check if they have a legitimate physical address.
  • Emails from free email providers: Most companies have professional email addresses and do not use free email providers like Gmail. If you receive a job offer and the email address looks more like a personal email address than a business address, be suspicious.
  • The perfect job offer: If an email states extremely high compensation for a position that requires “no skills or experience, and few hours to work” and seems too good to be true, then it is likely a scam.
  • Asking for personal and financial information: While it is true that you have to provide your employer with some forms of identification and banking information before you start your job, if a company is asking you for this information before the interview or in the initial email, the job is likely a scam.

Visit the  Security Matters website for more information on identifying and reporting a phishing attempt.

Surge of phishing attacks at the University of Toronto

Social engineering is designed to evade common security setups by targeting the people inside organizations — relying on human error as the weak link. While hackers’ approaches behind social engineering may differ in form, their goals are all very similar: identity theft, data breaches, ransomware attacks and more.

Phishing, one of the most popular forms of social engineering, is becoming more common with each day. It is very important to educate ourselves about cyber security to ensure our individual and institutional data remains protected. Equipping ourselves and the University of Toronto (U of T) with sophisticated and advanced tools is only half the battle. We can be proactive in preventing data breaches and other attacks by staying educated and aware, and therefore avoiding potential for human error.

Recently, there has been an influx of phishing emails containing malicious links targeted at U of T community members. These attacks have been impersonating U of T administrator roles and targeting unsuspecting community members.

Below are two recent emails that were sent to U of T community members. Review the red flags to help you understand the anatomy of a phishing email:

Phishing email spoofing UTORid website

Image 1: This recent phishing email contains a malicious link to a spoofed UTORid web page. The email was sent from an email address impersonating a U of T staff member.

Phishing email pretending to be U of T IT department

Image 2: This email prompts U of T community members to click on a link to ‘update their account’. 

At first glance, phishing emails often look like legitimate communications from a trusted organization. No matter how real it looks, treat every email you receive with caution — especially ones you weren’t expecting to receive. In the case of receiving a suspicious email, review the common red flags to identify if action is required to report and remove the email.

If you receive a suspicious email, ensure you report and delete the email immediately.

For information on how to report a phish, visit

Visit the Phish Bowl and the Security Matters blog to read about recent phishing attacks within the U of T community.