Please be advised that a phishing email is currently circulating from a compromised account within our organization. The email uses the subject line: Subject: ADVANCE WARNINGDate: June 8, 2025, at 1:43:49 PM EDT The message claims that your YorkU Microsoft account is set for deactivation due to retirement, graduation, or transfer. It urges recipients to […]
Advisories & Alerts
Phish Alert - SMS Phishing Scam Impersonating York President
We have received reports from users about a new SMS phishing (smishing) scam that is impersonating York President Rhonda Lenton. The scammers are using different phone numbers to contact potential victims, including numbers from area codes 484 and 438. An example of the smishing text described is shown below for reference: This message was NOT […]
Phish Alert - "Email @ York Update"
The Information Security team noted a targeted phishing email being circulated among the York community on December 28th, 2024. The email used the subject line "Email @ York Update" and claimed to be a notification regarding a fake mail server update. The email included a malicious link asking users to submit their York credentials in […]
Phish Alert - "Job Alert: New Opportunities Added Daily - Apply Now!" / "Your Future Starts Here: Explore Our Job Board Today!"
The Information Security team noted multiple targeted job scam-type phishing emails being circulated among the York community on December 9th, 2024. The emails used one of the following subject lines listed below: Your Future Starts Here: Explore Our Job Board Today! Your Dream Job Awaits: Explore Our Latest Listings! Unlock Your Potential: Exclusive Job Listings […]
Phish Alert - Sαlαry Increαse Notificαtion/16.89 % Salary Increase Letter 2024-11-19
The Information Security team noted two phishing emails being circulated among faculty & staff. The emails, titled "Sαlαry Increαse Notificαtion" OR "16.89 % Salary Increase Letter 2024-11-19", claim to be sent from York University Payroll & Employee Relations, and prompt recipients to submit personal information. Key details of the phishing email: Subject: Sαlαry Increαse Notificαtion/16.89 […]
Duo's Self-Service Device Management (SSDM) portal
Duo has also introduced a new Self-Service Device Management (SSDM) portal to allow users to access the device management interface directly. This will allow users to add/remove devices without the help of IT/Help Desk staff. To access Duo SSDM, please visit https://yorku.login.duosecurity.com/ and login with your Passport York credentials. Once inside the portal, users will […]
Phish Alert - Notification of Student/Staffs Account Deactivation
A phishing email is currently being circulated among faculty, staff, and students. The email, titled "Notification of Student/Staffs Account Deactivation", claims to be from YorkU IT Admin and prompts recipients to submit personal information to prevent account deactivation. Key details of the phishing email: From: York U IT Admin <jana.jakesova@KCHMPPCZ.onmicrosoft.com> Subject: Notification of Student/Staffs Account […]
New Duo Security Enhancements Coming to York
As part of planned updates to York’s current Duo 2FA service, UIT will be deploying an extra layer of security through the implementation of Duo Verified Push, Time-Based One-Time Password (TOTP) codes, and the Self-Service Device Management (SSDM) portal. What’s Changing? Verified Push will ask you to enter a 3-digit code during the login process. […]
Job Scam - Ontario Universities Students Jobs Placement 2024 Fall Semester
We have identified another targeted phishing email with the subject line "Ontario Universities Students Jobs Placement 2024 Fall Semester". The email includes a PDF attachment and asks recipients to contact hr@careers-opinionoutpost.com. Do not respond, open the PDF, or engage with the email. This is a scam aimed at financially defraud you. If you have already […]
Job Scam - York U: Jobs Placement Fall 2024 Semester
We have identified a targeted phishing email sent from a compromised university account. The email includes a PDF attachment and asks recipients to contact hr@careers-opinionoutpost.com. Do not respond, open the PDF, or engage with the email. This is a scam aimed at financially defraud you. If you have already responded to this scam: Stop all […]
