Month: April 2022

A typical phish attempting to take advantage of similar, legitimate emails was recieved by a number of UVic users today. The example below received by our Computer Helpdesk shows how malicious actors attempt to hide that this is a fake email in the sender display name, the url display name, and the body of the email. The link uses a URL shortener service and leads to a real looking, UVic branded login page, with your email prefilled in.
If you are not sure if an email is legitimate, ask your DSS, CHD or IT support expert for assistance!

Phishers are continuing to take advantage of the ongoing COVID-19 pandemic to try and get people to click the link. This phish also uses a URL shortener to hide the true destination of the link, which is a fake login page created by a free web form builder. Remember, always hover over the link to see where it goes before clicking, and be wary of shortened URLs in emails.

A lot of these phishing emails were recieved by UVic users today. This email appears a bit like a OneDrive file link email.
Always be mindful of the link, actual sending email address, and whether you expected an email.

This phish is circulating today.

Same old tactics – scary the user there is something wrong to deal with fast, navigate to a fake page, steal your UVic credentials.

A screenshot of the phish message is shown below. The email of the recipient is included in the message. The links pretend to be internal but in fact point to an external site (that can be seen when hovering with the cursor above the link, without clicking).

 

 

This is how the fake page looks like: