A confirmed phish email sent from a spoofed York email address, with subject line "Incoming Mail Delayed." was reported. Clicking on the link "Click here to retrieve your emails and reconfigure Port 486." will redirect users to an external site: https://firebasestorage[.]googleapis[.]com/v0/b/jiklo-102a6.appspot[.]com/o/1998228299llllllll%2Fwebwebweb.html?alt=media&token=9125baf0-abd4-4b12-8e44-acbfcb3d395c#username@yorku.ca If you clicked on the link and provided your credentials, please consider your account […]
Alert
Phish Alert - April/May Salary updates
A confirmed phish email with subject line "April/May Salary updates" was reported. If you clicked on the link and provided your credentials, please consider your account as compromised. Change your password immediately and NEVER authorize a 2FA request that you did not initiate.
Phish Alert - (6) messages are pending yorku.ca
A phish email with subject line "(6) messages are pending yorku.ca" was sent to multiple mailboxes. Clicking on the link "RE-ACTIVATE ACCOUNT HERE" will redirect users to an external site: https://tummify.com/wp_locks/MailUpdateFresh#username@yorku.ca If you clicked on the link and provided your credentials, please consider your account as compromised. Change your password immediately and NEVER authorize […]
Phish Alert - Authorization Form
A sophisticated phish scam with subject line "Authorization Form" was sent to multiple mailboxes. The email has the attachment "yorku.ca Please_DocuSign_credit_card_Authorization.html" Opening the attachment will prompt the user to enter a password. You won't be able to change the username. If you click on Login, you will get the message "Invalid Password..! Please enter correct […]
Phish Alert - Updated JANUARY Payment Structure (Final Post-Covid-19 listing) !!!
A phishing email with subject line "Updated JANUARY Payment Structure (Final Post-Covid-19 listing) !!!" was sent to various mailboxes. Clicking on the xls link will redirect users to a fraudulent site http://managecld.com/log-in/ If you clicked on the link and provided your password, please consider your account as compromised. Change your password immediately and NEVER authorize […]
Phish Alert - Document shared with you: "Faculty EVALUATION.docx"
Information Security spotted a phishing scam with subject line "Document shared with you: "FACULTY EVALUATION.docx"". The phishing email came in various forms. Clicking on the link will redirect users to a document saved in a cloud service such as Google Docs, Dropbox, or OneDrive, prompting the users to provide an email address and password. If […]
Phish Alert - Work From Home
A job scam email with subject line "Work From Home" was sent to multiple mailboxes this morning. The link redirects users to a Google Form. If you replied to the message, please: *** DO NOT REPLY TO ANY FURTHER MESSAGES RELATED TO THE SCAM *** Use the REPORT PHISHING button to report any additional messages […]
Phish Alert - We Received A Request From You
Phish email with the subject line "We Received A Request From You" was spotted this morning. The link redirects users to a Google Form. If you clicked on the link and provided your password, please consider your account as compromised. Change your password immediately.
Phish Alert - Pending E-mail Support notification
Phish email with subject line "Pending E-mail Support notification" was spotted. Clicking on the link will redirect users to an external site https://wtr.vivico-mx[.]us If you clicked on the link and provided your password, please consider your account as compromised. Change your password immediately.
Phish Alert - @yorku.ca Your Password has Expired
A confirmed phish email with subject line "@yorku.ca Your Password has Expired" was reported. If you clicked on the link and provided your password, please consider your account as compromised. Change your password immediately.
