The phisher used a compromised account from someone in the K-12 education sector to send this phish, which is very similar to ones we saw in August. Do not click the link–it goes to a spear phishing page with the UVic logo and is designed to harvest your credentials. People who enter information on that page may also be prompted with a second form designed to harvest PII.
If you clicked this link, contact your department’s IT support staff or the Computer Help Desk immediately.
This phish is circulating today. The link leads to a very precise copy of the real UVic login page, stored by malicious actors on some external server. As usual the goal is to steal your UVic credentials.
If you hover with the mouse cursor over the link without clicking you can clearly see the address of the fake page is not on uvic.ca.
We are showing below two examples of the same phish from two different recipients. The first did not subscribe to get the “External sender” banner, while the second did. You can subscribe to flag external emails on this page (the bottom):
https://web.uvic.ca/sysprog/cgi-bin/spamhater.pl
Please don’t be curious and don’t click on such links because sometimes they may contain malware which can infect your computer in an instant.
The fake page is shown below:
Message is advising you that you have pending messages and a warning that you email is blocked. Scare tactic to get you to follow-up quickly
There are two malicious glitch.me links here. One at the time of assessment was broken, the other lands on a Fake Zimbra Email Service logon page.
This is not from the UVic Help Desk.
Multiple recipients received what appeared to be a Word Document shared from OneDrive. Link takes you to a compromised Sharepoint site. If you attempt to open it, you will be sent to a office form requesting your Email ID and Password. We will never ask you to provide your email ID and password, most especially displaying it in plain text or via a form.
Attempting to alarm you into clicking the link before you lose your email service, this phishing campaign lands on fake page asking you to verify a captcha prompt before landing on a fake UVic Web App logon page.
This is not a legitimate UVic mailing nor website. When you hover over the provided link you will see that this is not a UVic email service.
This phish is circulating today. It uses the UVic logo and the link leads to a very precise copy of the real UVic login page, stored by malicious actors on some external server. As usual the goal is to steal your UVic credentials.
If you hover with the mouse cursor over the link without clicking you can clearly see the address of the fake page is not on uvic.ca.
Please don’t be curious and don’t click on such links because sometimes they may contain malware which can infect your computer in an instant.
