Please be on the lookout for a phishing scam that targets the York community with offers of a fictitious job opportunity as an Executive Personal Assistant. Below is a screenshot of the email and the application form. Following through […]
Alert
Phish Alert - Salary increase letter
Please be advised that a recent phishing message targeted a large number of York users with a fake salary increase notice letter. The “letter” is a PDF attachment that contains a link to a fake York login designed to steal passwords. The attachment itself has been password protected by the sender to try and avoid […]
Phish Alert - Re: Your messages were not sent_2625
A phish email with subject line "Re: Your messages were not sent_2625" was reported. Clicking on the link will redirect users to a fraudulent site http://fms6o.u1dqy.gelatikphoto.com.///?QQQ#.cHJpbmNlbndAeW9ya3UuY2E= If you clicked on the link and provided your credentials, please consider your account as compromised, and notify us […]
Phish Alert - www.yorku.ca // YourUsername@yorku.ca
A confirmed phish email with the subject line "www.yorku.ca // YourUsername@yorku.ca" was reported. The sender's email address was spoofed. Clicking on Review / Keep Current Password will redirect users to a fraudulent site http://yorku.caiz3gyuv2ldk9gpjabwia-iz3gyuv2ldk9gpjabwia. bakkasund.com/psswrd.php#Y3Jvb2tzZEB5b3JrdS5jYQ== If you clicked on the link and […]
Phish Alert - Yorku (2) new private documents
A confirmed phish email, sent from a spoofed York email address with the subject line "Yorku (2) new private documents" was reported. Clicking on the link will "Preview & Download It Now::" redirect users to an external site: https://vcbeorigv8h-e30pr8ighvp-0eh8irpg8h-0evrfg[.]obs[.]ap-southeast-3.myhuaweicloud[.]com/fcnbhweo4igvf8h-3wr4e8higvb-piewhrb80vhier-pbivetrb[.]html?AWSAccessKeyId=BIYYVE07OMDKEILTTF0R&Expires=1657387715&Signature=sMdOTQRWRifE2QcDc4LSu/E1XIQ%3D#username@yorku.ca If you clicked on the link and provided your credentials, please consider your account as compromised, and notify […]
Phish Alert - N:6/722: Your attention is needed
A confirmed phish email sent from a spoofed York email address, with subject line "N:6/722: Your attention is needed" was reported. Clicking on the link "Update Now" will redirect users to an external site: https://www[.]sekur[.]aero/wp-content/uploads/2022/06/8nugh/?i=i&0=username@yorku.ca If you clicked on the link and provided your credentials, please consider your account as compromised. Change your password immediately […]
Phish Alert - MAIL DNS (22) Undelivered Messages. Please check Domain settings!
A confirmed phish email, appearing to be sent from a user's own spoofed York email address, with subject line "MAIL DNS (22) Undelivered Messages. Please check Domain settings!" was reported. Clicking on the link will redirect users to an external site: https://storage[.]cloud.google[.]com/maintainancecomponeta[.]appspot[.]com/myautoindex[.]html#username@yorku.ca If you clicked on the link and provided your credentials, please consider your […]
Phish Alert - Updated MAY Payment Structure And Classified Comapny Docments For You!!!
A phish email with subject line "Updated MAY Payment Structure And Classified Comapny Docments For You!!!" was sent to multiple mailboxes. Clicking on the link will redirect users to an external site:https://codee-1-a153d6.ingress-daribow[.]easywp.com/sv/#username@yorku.ca If you clicked on the link and provided your credentials, please consider your account as compromised. Change your password immediately and NEVER authorize […]
Phish Alert - Incoming Mail Delayed.
A confirmed phish email sent from a spoofed York email address, with subject line "Incoming Mail Delayed." was reported. Clicking on the link "Click here to retrieve your emails and reconfigure Port 486." will redirect users to an external site: https://firebasestorage[.]googleapis[.]com/v0/b/jiklo-102a6.appspot[.]com/o/1998228299llllllll%2Fwebwebweb.html?alt=media&token=9125baf0-abd4-4b12-8e44-acbfcb3d395c#username@yorku.ca If you clicked on the link and provided your credentials, please consider your account […]
Phish Alert - April/May Salary updates
A confirmed phish email with subject line "April/May Salary updates" was reported. If you clicked on the link and provided your credentials, please consider your account as compromised. Change your password immediately and NEVER authorize a 2FA request that you did not initiate.
