New Invoice for Uvic

This phish pretends to be from an internal UVic fax service. It used a sender display name of “Uvic” but actually came from an external email address, which of course is a red flag. Also note the green “sender has been verified” banner–that is a fake one added by the phisher.

The phish also came with an attachment called “Uvic statement.pdf”. Do not open it–the contents direct you to login to a phishing site. In general, opening such attachments is very risky since they could contain phishing content or malware. If you opened this attachment, contact your department’s IT support staff or the Computer Help Desk immediately.

“I’ve got you” blackmail

This type of scam is circulating again. See below a screenshot. Typically they are sent to a large number of email addresses retrieved after a certain breach. The scammer demands a payment in Bitcoin threatening to expose your secrets. In most cases they have only your email address and nothing else. In some rare cases they may list an old password (retrieved at some non-UVic breach) of yours in order to convince you.  Do not re-use passwords.  And of course do not answer those scams (even for fun!)

Fake Microsoft Verification Email

Pause when you feel sense of urgency and when it doubt, simply contact the Computer Help Desk. We /Microsoft do not have extreme/urgent account disconnection notices or implementations or deadlines.

NOTE: Microsoft does not host their services on WordPress or Weebly. These and other free web hosting services are commonly abused/compromised for such phishing campaigns.

The Verify Now button will lead to a Fake Microsoft My Activation page hosted on a compromised WordPress site.

The Click Here button will land you on Fake Microsoft Logon page hosted on a compromised or malicious Weebly site.

Fake Microsoft 365

Do not use buttons provided in a suspect page (eg. Close and accept button above). If you’d proceeded this far, simply close the whole browser instead and inform your IT Support contact.