IT security reminder: be aware of email phishing attacks
The university is experiencing a number of phishing attacks on campus email services. In particular, there has been an influx of emails asking to purchase gift cards on behalf of someone else and send the code by replying to the email.
What do I need to do?
Phishing attacks use spoofed emails and fake web sites to trick recipients into divulging personal information such as user names and passwords, credit card numbers, social insurance numbers, etc.
- Be vigilant of emails that land in your inbox, especially those that ask you to divulge personal or financial information. The university never asks for passwords or other security information through email, and never sends links asking you to log into your account.
- Protect yourself: Do not respond to anyone who asks for personal information by email, even if you think it is from a legitimate source.
- Be suspicious of any email that:
- Asks you to divulge personal or financial information.
- Isn't personalized (i.e. uses generic greetings such as 'Dear Customer').
- Contains embedded links that don't match the links displayed within the body of the email (e.g. link says ‘uoit.ca’ but you see a different link when you hover over it with your mouse).
- Has a false sense of urgency.
- Is poorly written.
- Do not click on any links in these emails, and do not save or open any attachments.
For more information, contact the IT Service Desk at ext. 3333.
