Phishing 101: Spot, report and prevent

Some people may wonder how much damage an email can cause, but did you know that around 90 per cent of cyber incidents occur as a result of a successful phishing attack?

With increased reports of cyber attacks around the world, it’s important to know what to do in the event of a phishing attack. Use this quick guide to learn how to protect yourself.

What is phishing?

Phishing is a form of social engineering used by cyber criminals to trick individuals into clicking a malicious link, downloading malware or sharing sensitive information. The messages are generally disguised convincingly so that they appear legitimate.

Received a suspicious email? Pause to think before you act.

If you receive a suspicious email, ask yourself these questions before you engage with it:

  1. Does this message make sense?
  2. Why am I receiving this email?
  3. Does the tone seem unnecessarily rushed or urgent?
  4. Am I being asked to download an attachment or click on an unknown link?
  5. Am I being asked for information that is personal or sensitive?

If your answers don’t clear your suspicions, then report the email immediately. Learn more about how to identify and report a phishing attempt.

What to do if you suspect an email to be a phishing attempt

  1. Do not interact with the sender. Do not click on links, download attachments, provide personal information or forward it to your contacts.
  2. If in doubt, call the sender or ask them in person to confirm that the email is really from them.
  3. Report the email to and then delete it from your inbox.
  4. If you already engaged with the sender or clicked on a link or attachment, please contact immediately for assistance.

How can you prevent future phishing attacks?

Hackers frequently steal login credentials to access email accounts. These compromised accounts are then used to send phishing emails to other unsuspecting individuals. Protect your online accounts to prevent this from happening:

  1. Use multi-factor authentication (MFA) for your online accounts. Enrol in UTORMFA, U of T’s multi-factor authentication solution, to add an extra layer of protection to your U of T online accounts.
  2. Create unique and strong passwords for your online accounts.

Keep an eye out for these common types of phishing:

  1. Email phishing: Fraudulent emails designed to manipulate individuals into revealing sensitive information or taking other harmful actions.
  2. Spear phishing: Fraudulent emails targeting a specific group or individual in an organization.
  3. Whaling: Fraudulent emails targeting senior executives at an organization.
  4. Smishing: Phishing messages sent via SMS.

Check out the Phish Bowl for examples of actual phishing emails received by members of the U of T community.

Visit the Security Matters website regularly to learn more about information security and online safety.

Ransomware: An online menace

Ransomware is a type of malware that can lock users and organizations out of their data and infrastructure. Attackers then demand payment to restore access to the affected data and to refrain from exposing it. Ransomware has immense impact on any institution — from shutting down operations to losing years of research.

Ransomware has become one of the biggest cyber threats globally. In fact, a recent report shows that there was a 104 per cent surge in ransomware attacks last year in North America and a 105 per cent increase globally.

Many organizations are losing billions of dollars to these attacks, trying to regain access to their stolen data. According to a study by Telus, almost half of surveyed Canadian organizations that suffered a ransomware attack paid the hackers in hopes of getting their data back, and most of them did not regain access in the end.

How does ransomware affect the University of Toronto?

With the current geopolitical situation, it is likely that ransomware attacks could target the University and cause significant damage to it and its community.

How can I protect myself and my data from ransomware?

Here are some resources to help you stay secure online and protect your data.

  1. Don’t click any links, download attachments or engage with the sender if you receive a suspicious email. Also, do not forward or share the email with your colleagues and other contacts.
  2. Ensure you set up unique and strong passwords for all your personal and professional accounts. Strong passwords are your first line of defence.
  3. Multi-factor authentication (MFA) adds an additional layer of security to your accounts. It also enables you to work remotely with confidence. Enrol in U of T’s UTORMFA to stay secure online.
  4. Make sure you back up your device and store the backups where they are protected from access by others. If you lose your data due to a ransomware attack or a malicious person corrupts your data, your backups are critical for recovery.
  5. Report suspicious emails or computer activity to and then delete the email from your inbox. If you have already clicked on a link or attachment, please contact

If you work with self-managed devices (home computers, laptops, phones, etc.) and access institutional data, ensure you secure your devices by taking the following steps:

  1. Use supported versions of operating systems.
  2. Patch and update the operating system and software/applications regularly (ideally automatically) to correct security vulnerabilities.
  3. Have fully enabled, automatically updating anti-virus software.
  4. Protect devices with a strong password and/or biometrics.

Visit the Ransomware Risk page for more information on how to prepare and protect data, devices and users.

Keep visiting the Security Matters website regularly for tips and information on how to stay secure online.

Additional resources about ransomware