News

Phish Alert - SMS Phishing Scam Impersonating York President

We have received reports from users about a new SMS phishing (smishing) scam that is impersonating York President Rhonda Lenton. The scammers are using different phone numbers to contact potential victims, including numbers from area codes 484 and 438. An example of the smishing text described is shown below for reference: This message was NOT […]

Phish Alert - "Job Alert: New Opportunities Added Daily - Apply Now!" / "Your Future Starts Here: Explore Our Job Board Today!"

Alert, News

The Information Security team noted multiple targeted job scam-type phishing emails being circulated among the York community on December 9th, 2024. The emails used one of the following subject lines listed below: Your Future Starts Here: Explore Our Job Board Today! Your Dream Job Awaits: Explore Our Latest Listings! Unlock Your Potential: Exclusive Job Listings […]

Phish Alert - Sαlαry Increαse Notificαtion/16.89 % Salary Increase Letter 2024-11-19

Alert, News

The Information Security team noted two phishing emails being circulated among faculty & staff. The emails, titled "Sαlαry Increαse Notificαtion" OR "16.89 % Salary Increase Letter 2024-11-19", claim to be sent from York University Payroll & Employee Relations, and prompt recipients to submit personal information. Key details of the phishing email: Subject: Sαlαry Increαse Notificαtion/16.89 […]

Duo's Self-Service Device Management (SSDM) portal

Duo has also introduced a new Self-Service Device Management (SSDM) portal to allow users to access the device management interface directly. This will allow users to add/remove devices without the help of IT/Help Desk staff. To access Duo SSDM, please visit https://yorku.login.duosecurity.com/ and login with your Passport York credentials. Once inside the portal, users will […]

New Duo Security Enhancements Coming to York

Announcement, News

As part of planned updates to York’s current Duo 2FA service, UIT will be deploying an extra layer of security through the implementation of Duo Verified Push, Time-Based One-Time Password (TOTP) codes, and the Self-Service Device Management (SSDM) portal. What’s Changing?  Verified Push will ask you to enter a 3-digit code during the login process. […]

Passport York password complexity requirements update

Announcement, News

Passport York uses a password strength estimator to ensure that users set strong, difficult to crack passwords for their account.  This is done in order to increase the security of their various accounts at the University. The estimator analyzes passwords and assigns them a score based on their complexity. We have increased the score required […]

Upcoming Change to Duo 2FA Prompt

,

As part of planned updates to York’s Duo 2FA service, the Duo login prompt will change to a refreshed and modernized look that is better optimized for desktop and mobile experiences - known as the Duo Universal Prompt. There are no functionality changes to Duo and the service will continue to be part of your […]

Phish Alert - "Ongoing Employment Opportunity" AND "Executive Assistant/Administrative Assistant!!"

Alert, News

Scammers are using compromised YorkU email accounts to send fictitious employment emails looking for an Executive Assistant/Administrative Assistant. The link will open a Google Form, asking for personal information and requests that recipients get in touch with Dickens Tryone at hrworldvision1@outlook.com. The scammer may ask to connect over the messaging app, Discord.       […]

Job Scam Alert - Open Job Position

Alert, News

Please note that York will NEVER request for passwords, Duo passcodes or other personal information via email or Google Form.  Below is the latest job scam email that was sent to various mailboxes.    The Information Security team has taken action to remove the fraudulent messages. If you receive similar messages, please report it immediately […]