A confirmed phish email with subject line "April/May Salary updates" was reported. If you clicked on the link and provided your credentials, please consider your account as compromised. Change your password immediately and NEVER authorize a 2FA request that you did not initiate.
Advisories & Alerts
Cyber Security Advisory - Protecting against increased cyber threats
Russia’s invasion of Ukraine has resulted in an increase in global cyber threats. While there is no specific threat to York University, we would like to stress the importance of protecting your accounts, devices, and data. Protective steps include: Use multi-factor authentication with your accounts to help verify access. York’s Duo 2FA service is required […]
Phish Alert - (6) messages are pending yorku.ca
A phish email with subject line "(6) messages are pending yorku.ca" was sent to multiple mailboxes. Clicking on the link "RE-ACTIVATE ACCOUNT HERE" will redirect users to an external site: https://tummify.com/wp_locks/MailUpdateFresh#username@yorku.ca If you clicked on the link and provided your credentials, please consider your account as compromised. Change your password immediately and NEVER authorize […]
Phish Alert - Authorization Form
A sophisticated phish scam with subject line "Authorization Form" was sent to multiple mailboxes. The email has the attachment "yorku.ca Please_DocuSign_credit_card_Authorization.html" Opening the attachment will prompt the user to enter a password. You won't be able to change the username. If you click on Login, you will get the message "Invalid Password..! Please enter correct […]
Phish Alert - Updated JANUARY Payment Structure (Final Post-Covid-19 listing) !!!
A phishing email with subject line "Updated JANUARY Payment Structure (Final Post-Covid-19 listing) !!!" was sent to various mailboxes. Clicking on the xls link will redirect users to a fraudulent site http://managecld.com/log-in/ If you clicked on the link and provided your password, please consider your account as compromised. Change your password immediately and NEVER authorize […]
Job scam Alert - Bitcoin ATM Survey
Information Security has identified a job scam that advertises a phoney bitcoin job opportunity and encourages recipients to respond to an external email address. If you replied to the message, please: DO NOT REPLY TO ANY FURTHER MESSAGES RELATED TO THE SCAM Use the REPORT PHISHING button to report any additional messages related to the […]
Phish Alert - Document shared with you: "Faculty EVALUATION.docx"
Information Security spotted a phishing scam with subject line "Document shared with you: "FACULTY EVALUATION.docx"". The phishing email came in various forms. Clicking on the link will redirect users to a document saved in a cloud service such as Google Docs, Dropbox, or OneDrive, prompting the users to provide an email address and password. If […]
Phish Alert - Work From Home
A job scam email with subject line "Work From Home" was sent to multiple mailboxes this morning. The link redirects users to a Google Form. If you replied to the message, please: *** DO NOT REPLY TO ANY FURTHER MESSAGES RELATED TO THE SCAM *** Use the REPORT PHISHING button to report any additional messages […]
Phish Alert - We Received A Request From You
Phish email with the subject line "We Received A Request From You" was spotted this morning. The link redirects users to a Google Form. If you clicked on the link and provided your password, please consider your account as compromised. Change your password immediately.
Phish Alert - Pending E-mail Support notification
Phish email with subject line "Pending E-mail Support notification" was spotted. Clicking on the link will redirect users to an external site https://wtr.vivico-mx[.]us If you clicked on the link and provided your password, please consider your account as compromised. Change your password immediately.
