The Information Security team noted a targeted phishing email being circulated among the York community on June 17, 2025. The email used the subject line "York University Agreement For username@yorku.ca" and claimed to be a signature request notification that included a fake calendar invite. The email also included a malicious link asking users to submit their York credentials in order to view the fake agreement.

A sample of the email is shown below for your reference:

 

Red Flags to Watch Out For:

1. Suspicious sender email: The sender's email address is not associated with York University’s official IT services (email was NOT sent from an @yorku.ca address).
2. Urgency: The email pressures you to act quickly in order to view a fake York University Agreement/Contract.
3. Request for personal details: York University would NEVER ask for passwords, Duo/MFA passcodes, or other sensitive information via email.

What to Do:

• Do not respond to this email or provide any personal information. This is a scam aimed at financially defrauding you.
• Do not click any links or open attachments that may be included.
• Report the email: If you received this phishing attempt, please report it using the Report Phishing button or forward it to phishing@yorku.ca

If you have already responded to this scam, stop all communication with the scammer and notify infosec@yorku.ca; If you provided any account names or passwords, change any such passwords immediately.