Privacy and information security for the York community are of paramount importance. With the recent move to online courses via the Zoom video conferencing service, some privacy and cybersecurity concerns have been raised by the campus community. This article addresses some of these concerns and provides guidance to help protect their privacy and the privacy […]
Advisories & Alerts
Advisory Security Notice: Defending Against COVID-19 Cyber Scams
Please remain vigilant for cybersecurity scams related to Coronavirus Disease 2019 (COVID-19). Cyber actors may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Do not install Android or Apple related software with COVID-19 Heat Map Patient Tracking or go […]
Advisory Security Notice: Fraud targeting Covid-19 researchers
We have been advised by the Canadian Centre for Cyber Security (CCCS) of an active, sophisticated cyber campaign targeting COVID-19 researchers. The campaign begins with phishing email and includes the use of ransomware that could hinder research activity. The CCCS are asking researchers, especially those working on COVID-19 related research, to exercise elevated levels of […]
Phish Alert: Updated July Payment Structure
Updated JULY Payment Structure (Final Post-Covid-19 listing) Documents For You!!! From: yorku.ca Payroll Date: Monday, July 26, 2021 11:28 PM
Phish Alert: XXX@yorku.ca HAVE PENDING 6 UNDELIVERED EMAILS ON
XXX@yorku.ca HAVE PENDING 6 UNDELIVERED EMAILS ON From: Email Admin Date: Monday, July 26, 2021 3:22 PM
Phish Alert: Undeliverable: ❶✉ Notice Release (5) undelivered messages
Undeliverable: ❶✉ Notice Release (5) undelivered messages From: yorku.ca IT Management <info@mailer.netflix.com> Date: Tue 7/20/2021 1:23 PM
Advisory Notice - York VPN will require Duo 2FA as of July 29th
As part of the University’s ongoing efforts to strengthen cybersecurity, York’s Virtual Private Network - VPN (Pulse Secure) will require two-factor authentication, Duo 2FA, as of July 29, 2021. On that date, the general use VPNYork service will prompt you for a password as it normally does, but it will also require 2FA validation at […]
Advisory Notice - Critical Windows Vulnerability - Printnightmare
A critical windows vulnerability was announced in the Microsoft print spooler service and exploits are available in the wild. This vulnerability allows an attacker with valid domain credentials to perform local privilege escalation and/or remote code execution on any host running the RPC/print spooler service. Print spooler service should be turned off on systems that […]
Phish Alert - A letter of suspension from Microsoft
A fraudulent email with the subject "A letter of suspension from Microsoft" has been sent to York University email accounts. The email states that the user's account ___@yorku.ca will be disconnected from sending or receiving emails from other users because they have failed to resolve errors in their mail. It urges the user to resolve […]
Phish Alert - Here's the document shared with you
Various York University community members have received a phishing email which is coming from a masqueraded YorkU email address: SharePoint <HR@yorku.ca>. The email has the appearance of a SharePoint document that is being shared with the user and a description which states "yorku.ca May salary payment approval list by the Board Of Directors. Please review […]
Advisory Security Notice: Scam calls targeting international students
We have been advised by the Student Services & International Relations department of an active, sophisticated scam campaign targeting international students. There have been a number of scam calls from individuals claiming to be employees of York University, Immigration Refugees and Citizenship Canada, and the Royal Canadian Mounted Police (RCMP). Recently, a number of international […]
Phish Alert - virus detected (5)
A fraudulent email with the subject "<username> virus detected (5)" has been sent to York University email accounts. The email states that the user's Norton Antivirus Protection has expired, and their PC may be vulnerable to viruses and other threats. It urges the user to click on a link to Renew_Subscription. The link redirects users […]
Information Security Notice: “UNICEF internship program offer” Phishing
A large number of phishing emails were sent to York email accounts, part of a known scam advertising a fake job opportunity i.e. UNICEF internship program. The emails are fraudulent and intended to trick recipients into providing personal information such as a personal (non-YorkU) email address and a phone number. At that point additional correspondence […]
