A common type of phishing email observed by the Information Security team at York University is a fake McAfee software renewal invoice. Such emails fraudulently state that the recipient’s subscription to a premium software- oftentimes a McAfee security product- has automatically renewed and the recipient has been charged. A sample of this type of phishing email is shown below:

The objective of these phishing emails is to trick recipients into calling the scammers’ phone number in the hopes of cancelling the non-existent subscription. Scammers will attempt to obtain personal or credit card information from victims to use for identity theft or credit card crimes. Alternatively, scammers will claim that the victim’s computer is infected with malware and urgently requires remote access, which will then be used by scammers to install malware, steal files, or hijack accounts.

While many of these phishing emails are blocked or sent to users’ Junk folders, threat actors take many steps to circumvent email defenses, such as the use of newly registered or compromised email addresses, changes in email bodies to avoid keywords or text patterns, and links or (encrypted) attachments to malicious content.

If you receive such an email, please refrain from clicking on any links, opening any attachments, or calling any phone numbers within the email. Reporting suspicious emails to York University’s Information Security team via the Report phishing button assists with the detection and remediation of phishing attempts against York University’s users. Common elements of phishing emails include an urgent call to action, poor or inconsistent writing, and generic greetings.

If you suspect that you may have fallen for a phishing scam and provided sensitive information or interacted with scammers, please reach out to the Information Security team via infosec@yorku.ca.