[Phish] UTSC Duo Security Update: All Students Should Apply Now

Details:

Subject: UTSC Duo Security Update: All Students Should Apply Now

Kindly fill and submit the student course registration form to book an appointment for the on-going Duo Security Update interview below, Once done and submitted, then i can have your appointment approved and booked. It’s imperative as a student at the University to book an appointment today for this exercise and fight against Phishing. This exercise is meant for the school database, course upgrade, Duo Security Update/Confirmation and Fight against Phishing

Register here {Malicious link}

You will be contacted via SMS within the next 14 days or more, just to confirm you already enrolled for Duo Security and to make sure its enabled, so we will contact you via SMS( with your JoinID so you can know and confirm it’s from the school security dept) when logging into your Utoronto Mailbox Account to either push the Duo Security Button on your phone or send us the code that will be sent to your cell phone number registered with the Duo Security, in order to access your account and confirm everything is intact, is that understood?. This exercise will be done repeatedly.

This form enables us to perform the monthly database, course upgrade and security check. Please fill and submit the form with the correct information and we will be in touch.

NB: Do Not Reply Back to this email

 

If you have received a suspicious email, please report it to report.phishing@utoronto.ca and delete it immediately from your mailbox. Don’t click any links, download attachments or engage with the sender. Please do not forward or share the email with your colleagues and other contacts. Learn more about what to do if you suspect a phishing attempt.

Protect yourself from tax-related scams

Canadians lose millions of dollars in various scams and fraud every year, according to the Canadian Anti-Fraud Centre.

A tax-related scam is when a fraudster poses as an authority figure, usually as a CRA or Service Canada agent, to try to scare people into complying with their demands. These scams are designed to frighten people into engaging with the fraudster to make payments via money service businesses, pre‐paid cards, gift cards or Bitcoin.

Check out the infographic below to learn more about tax scams and how you can protect yourself and your loved ones.

Infographic with tips for protection from tax-related scams

Content of the infographic: Tax scam awareness tips

Use this guide to identify tax scams and learn how to protect yourself.

How do tax scams work?

  • A scammer contacts you claiming to be a government official and states that you have:
    1. A compromised Social Insurance Number (SIN)
    2. Committed financial crimes
    3. Outstanding cases against you
  • The scammer threatens you that if you don’t speak with them immediately, you will be arrested, fined or even deported from Canada.
  • The scammer then requests personal information or payments through various financial services.

How can I protect myself from tax scams?

  • If you received a suspicious email relating to the CRA or tax filing, follow the steps to identify a phishing email and report it immediately to report.phishing@utoronto.ca.
  • If you are concerned that you may have shared your personal information with a scammer, the CRA advises you to contact the police immediately.
  • Stay aware of tax-related communications by phone, mail, text message or email. Don’t give out personal information, including financial information or login credentials to unidentified personnel.
  • When in doubt, always log in to your CRA account through a trusted browser or call CRA’s Individual Income Tax Enquiries line at 1-800-959-8281.

Visit the CRA scam prevention website for more tips.

View the infographic in higher resolution.

Visit the Security Matters website to learn more about how to protect yourself online.


[Phish] RE: Urgent Student Payment Reminder

Details:

Subject: RE: Urgent Student Payment Reminder

Dear student,

Our records show that you have not made your payment for the 2022-3023 Fall-Winter session.   Please make your payment by the end of this week to avoid a service charge

It is strongly recommended that you make regular payments to reduce the balance on your student account and thus reduce the amount of service charges incurred. Please Contect BUSry On EmailAddress: {redacted malicious email address} On ow to make your payment a financial hold will be placed on student accounts with unpaid balances for the 2022-2023 in 24hours.

 

Sincerely,

{Spoofed name}

University Registrar

University of Toronto

 


[Phish] University of Toronto Email Validation–ID-cdlhyuey63

Details:

Subject: University of Toronto Email Validation–ID-cdlhyuey63

Hello,

This email is to notify all students and staff that there is email validation exercises. We will need you to confirm that your email is still in use.

If you don’t want your e-mail account to be terminated during the exercise,

Send “Utoronto Email Validation” to {malicious phone number}

 

if you do not comply with the above, your email access will be disabled.

Please accept our apologies for any inconvenience this may cause.

 

Regards

System Administrator

the University of Toronto

Message ID-cdlhyuey63

 


Phishing 101: Spot, report and prevent

Some people may wonder how much damage an email can cause, but did you know that around 90 per cent of cyber incidents occur as a result of a successful phishing attack?

With increased reports of cyber attacks around the world, it’s important to know what to do in the event of a phishing attack. Use this quick guide to learn how to protect yourself.

What is phishing?

Phishing is a form of social engineering used by cyber criminals to trick individuals into clicking a malicious link, downloading malware or sharing sensitive information. Generally, the messages are convincingly disguised to appear legitimate.

Received a suspicious email? Pause to think before you act.

If you receive a suspicious email, ask yourself these questions before you engage with it:

  1. Does this message make sense?
  2. Why am I receiving this email?
  3. Does the tone seem unnecessarily rushed or urgent?
  4. Am I being asked to download an attachment or click on an unknown link?
  5. Am I being asked for information that is personal or sensitive?

If your answers don’t clear your suspicions, then report the email immediately. Learn more about how to identify and report a phishing attempt.

What to do if you suspect an email to be a phishing attempt

  1. Do not interact with the sender. Do not click on links, download attachments, provide personal information or forward it to your contacts.
  2. If in doubt, call or ask the sender in person to confirm if the email is really from them.
  3. Report the email to report.phishing@utoronto.ca and then delete it from your inbox.
  4. If you already engaged with the sender or clicked on a link or attachment, please contact security.response@utoronto.ca immediately for assistance.

How can you prevent future phishing attacks?

Hackers frequently steal login credentials to access email accounts. These compromised accounts are then used to send phishing emails to other unsuspecting individuals. Protect your online accounts to prevent this from happening:

  1. Use multi-factor authentication (MFA) for your online accounts. Enrol in UTORMFA, U of T’s multi-factor authentication solution, to add an extra layer of protection to your U of T online accounts.
  2. Create unique and strong passwords for your online accounts.

Keep an eye out for these common types of phishing:

  1. Email phishing: Fraudulent emails designed to manipulate individuals into revealing sensitive information or taking other harmful actions.
  2. Spear phishing: Fraudulent emails targeting a specific group or individual in an organization.
  3. Whaling: Fraudulent emails targeting senior executives at an organization.
  4. Smishing: Phishing messages sent via SMS.

Check out the Phish Bowl for examples of actual phishing emails received by members of the U of T community.

Visit the Security Matters website regularly to learn more about information security and online safety.

Four online safety tips for students going back to school

A new school year is just around the corner! While this is an exciting time for students, it’s also prime time for malicious actors to take advantage of unsuspecting students.

Review these simple and effective tips to help you stay safe online and protect yourself, your data and the University.

Infographic explaining four ways to stay safe online this school season

 

View the image in a higher resolution.

Resources to protect yourself online:

  1. Protect your online accounts.
    Safe password practices.
  2. Enrol in UTORMFA.
    UTORMFA is the University of Toronto’s multi-factor authentication solution.
  3. Protect yourself against fraud.
    Tips for identifying and reporting a phishing attempt.
  4. Protect your devices.
    Protect yourself against malware.

Visit the Security Matters website regularly to learn more about online safety tips and resources.

Smishing campaigns target Rogers subscribers

Following the nation-wide Rogers outage on July 8, there have been reports of smishing (SMS phishing) campaigns targeting Rogers customers.

CTV News recently reported smishing campaigns asking Rogers customers to click on malicious links to receive a service disruption refund. An example of this is a message that a Twitter user received asking him to click on an unknown link to receive $50 credit.

Rogers has stated that the company doesn’t require any action from its subscribers and will auto-refund a portion of their bill to their account. They have also urged subscribers to forward the suspicious text messages to 7726 (SPAM).

What to do if you receive a suspicious email or text message:

  • Do not click the link, provide personal information, open the attachment, send SMS or forward the email to your contacts.
  • Forward the email to report.phishing@utoronto.ca and then delete it from your inbox.
  • If you already engaged with the email, please contact security.response@utoronto.ca immediately for assistance.
  • Visit the Security Matters website regularly to stay up to date on online safety.


Ransomware: An online menace

Ransomware is a type of malware that can lock users and organizations out of their data and infrastructure. Attackers then demand payment to restore access and to refrain from exposing the affected data. Ransomware can have an immense impact on any institution, from shutting down operations to losing years of research.

Ransomware has become one of the biggest cyber threats globally. In fact, a recent report shows that there was a 104 per cent surge in ransomware attacks last year in North America and a 105 per cent increase globally.

Many organizations are losing billions of dollars to these attacks, trying to regain access to their stolen data. According to a study by Telus, almost half of surveyed Canadian organizations that suffered a ransomware attack paid the hackers in hopes of getting their data back, and most of them did not regain access in the end.

How does ransomware affect the University of Toronto?

With the current geopolitical situation, it is likely that ransomware attacks could target the University and cause significant damage to the University and its community.

How can I protect myself and my data from ransomware?

Here are some resources to help you stay secure online and protect your data.

  1. Don’t click any links, download attachments or engage with the sender if you receive a suspicious email. Also, do not forward or share the email with your colleagues and other contacts.
  2. Ensure you set up unique and strong passwords for all your personal and professional accounts. Strong passwords are your first line of defence.
  3. Multi-factor authentication (MFA) adds an additional layer of security to your accounts. It also enables you to work remotely with confidence. Enrol in U of T’s UTORMFA to stay secure online.
  4. Make sure you back up your device and store the data where it is protected from access by others. If you lose your data due to a ransomware attack or a malicious person corrupts your data, your backups are critical for recovery.
  5. Report suspicious emails or computer activity to report.phishing@utoronto.ca, and then delete any suspicious email from your inbox. If you have already clicked on a link or attachment, please contact security.response@utoronto.ca.

If you work with self-managed devices (home computers, laptops, phones, etc.) and access institutional data, ensure you secure your devices by taking the following steps:

  1. Use supported versions of operating systems.
  2. Patch and update the operating system and software/applications regularly (ideally automatically) to correct security vulnerabilities.
  3. Have fully enabled, automatically updating anti-virus software.
  4. Protect devices with a strong password and/or biometrics.

Visit the Ransomware Risk page for more information on how to prepare and protect data, devices and users.

Keep visiting the Security Matters website regularly for tips and information on how to stay secure online.


Information security news roundup: Ransomware on the rise in Canada

Cyber attacks have increased at an alarming rate with the current geo-political situation being a major contributing factor. The National Cyber Threat Assessment 2020 published by The Centre for Cyber Security suggested a potential increase across Canada in cyber crimes, ransomware and commercial espionage — particularly against businesses, academic institutions and governments to steal intellectual property and proprietary information.

Let’s look back at some interesting information security and ransomware related news in recent months.

Two Canadian Universities hit by cyber attacks

Simon Fraser University and Lakehead University reported that they were hit by cyber attacks in February. Although the universities did not confirm whether it was a ransomware attack, they advised students and staff to monitor their accounts, change their passwords and enrol in multi-factor authentication (MFA).

Data breaches can result in the loss of personal, institutional and other sensitive information. Learn how to enrol in MFA to add an additional layer of security to your online accounts.

Hackers getting clever with phishing emails

It is often said that hackers stay one step ahead of you by constantly changing their tactics. In a recent blog post by Mount Royal University, it was reported that phishing emails with fake invoices from MasterClass (an online educational platform) were sent to the university community and hackers asked recipients to respond with their credit card information for a refund.

Often, phishing emails are made to look like they are from a legitimate source, which can lead recipients to respond, causing further damage. Check out the Phish Bowl for examples of phishing emails received by members of the University of Toronto (U of T) community to help you identify and report suspicious emails.

Ransomware attacks increasing at an alarming rate in Canada

A recent article published by MaRS explained how ransomware attacks have been increasing in Canada with small businesses losing up to billions to cyber attacks. In fact, a survey done by the Canadian Internet Registration Authority (CIRA) also found that nearly 70 per cent of Canadian organizations that experienced ransomware paid the hackers to regain access to their data.

Last year, U of T launched a ransomware awareness campaign called Expect Ransomware to provide the community with resources, tips and tools to protect their accounts and to stay secure online.

Ransomware is an ongoing and evolving cyber threat. Stay tuned for the Expect Ransomware 2.0 campaign launching soon that will provide you with updated resources, tips and tools to protect yourself and your loved ones online.

Federal government may make reporting cyber attacks mandatory

Public Safety Minister Marco Mendicino has said that the federal government might make it mandatory for Canadian businesses and organizations to report cyber attacks. Mendicino also emphasized that the current geo-political situation has increased the threat of cyber attacks.

Staying safe and secure online can be done through simple but effective steps. Explore the educational resources on the Security Matters website to learn how to stay secure online.

Bonus read: Isaac Straley, U of T’s Chief Information Security Officer, has called for a revamp of the national cyber security strategy in an op-ed published in The Hill Times.

[Phish] Vacant position: virtual personal assistant.

Details:

Subject: Vacant position: virtual personal assistant.

We have an open position for a Virtual Assistant, that is you work remotely,performing various tasks and office support duties.

COVID-19 considerations:

Job is primarily remote at this stage.

Application question(s):

  • What experience (personal or professional) of yours do you think best matches this position and why?

Work remotely:

  • Yes

*TO APPLY: Email your name and phone number to {malicious email added here}

NOTE: Send the email message from your PERSONAL EMAIL ADDRESS (gmail, yahoo etc) and we will send you the job details.

 
