A Phish email with the subject line "IT Notice - My Maintenance" was recently spotted. Clicking on the provided link will redirect users to an external site. The email is a scam. Do not click on any links or provide any information. If you clicked on the link and provided your credentials, please […]
Alert
Phishing Alert - Interdisciplinary Research Project/Aide Money Mule Scam
There is an ongoing phishing campaign targeting students at York University as well as other Canadian universities with a fake research job promising good money for very little effort. These phishing emails use a technique called “spoofing” to appear as though emails were sent by a York University professor- even though they were NOT- in […]
Phishing Alert - McAfee Software Renewal Scams
A common type of phishing email observed by the Information Security team at York University is a fake McAfee software renewal invoice. Such emails fraudulently state that the recipient’s subscription to a premium software- oftentimes a McAfee security product- has automatically renewed and the recipient has been charged. A sample of this type of phishing […]
Phishing Alert - *Job Scam* Executive Personal Assistant
Please be on the lookout for a phishing scam that targets the York community with offers of a fictitious job opportunity as an Executive Personal Assistant. Below is a screenshot of the email and the application form. Following through […]
Phish Alert - Salary increase letter
Please be advised that a recent phishing message targeted a large number of York users with a fake salary increase notice letter. The “letter” is a PDF attachment that contains a link to a fake York login designed to steal passwords. The attachment itself has been password protected by the sender to try and avoid […]
Phish Alert - Re: Your messages were not sent_2625
A phish email with subject line "Re: Your messages were not sent_2625" was reported. Clicking on the link will redirect users to a fraudulent site http://fms6o.u1dqy.gelatikphoto.com.///?QQQ#.cHJpbmNlbndAeW9ya3UuY2E= If you clicked on the link and provided your credentials, please consider your account as compromised, and notify us […]
Phish Alert - www.yorku.ca // YourUsername@yorku.ca
A confirmed phish email with the subject line "www.yorku.ca // YourUsername@yorku.ca" was reported. The sender's email address was spoofed. Clicking on Review / Keep Current Password will redirect users to a fraudulent site http://yorku.caiz3gyuv2ldk9gpjabwia-iz3gyuv2ldk9gpjabwia. bakkasund.com/psswrd.php#Y3Jvb2tzZEB5b3JrdS5jYQ== If you clicked on the link and […]
Phish Alert - Yorku (2) new private documents
A confirmed phish email, sent from a spoofed York email address with the subject line "Yorku (2) new private documents" was reported. Clicking on the link will "Preview & Download It Now::" redirect users to an external site: https://vcbeorigv8h-e30pr8ighvp-0eh8irpg8h-0evrfg[.]obs[.]ap-southeast-3.myhuaweicloud[.]com/fcnbhweo4igvf8h-3wr4e8higvb-piewhrb80vhier-pbivetrb[.]html?AWSAccessKeyId=BIYYVE07OMDKEILTTF0R&Expires=1657387715&Signature=sMdOTQRWRifE2QcDc4LSu/E1XIQ%3D#username@yorku.ca If you clicked on the link and provided your credentials, please consider your account as compromised, and notify […]
Phish Alert - N:6/722: Your attention is needed
A confirmed phish email sent from a spoofed York email address, with subject line "N:6/722: Your attention is needed" was reported. Clicking on the link "Update Now" will redirect users to an external site: https://www[.]sekur[.]aero/wp-content/uploads/2022/06/8nugh/?i=i&0=username@yorku.ca If you clicked on the link and provided your credentials, please consider your account as compromised. Change your password immediately […]
Phish Alert - MAIL DNS (22) Undelivered Messages. Please check Domain settings!
A confirmed phish email, appearing to be sent from a user's own spoofed York email address, with subject line "MAIL DNS (22) Undelivered Messages. Please check Domain settings!" was reported. Clicking on the link will redirect users to an external site: https://storage[.]cloud.google[.]com/maintainancecomponeta[.]appspot[.]com/myautoindex[.]html#username@yorku.ca If you clicked on the link and provided your credentials, please consider your […]
