Many uvic recipients reported this phish today. In all cases it uses the recipient address to spoof the actual sender. This way the email looks like coming from the recipient themselves. The “ticket number” in the subject is using some sort of random number generator, so it is also different every time.
There are other variations of the subject, for example:
Your E-mail (netlink@uvic.ca) will expire soon -[Ticket ID: xxxxxx]
Your E-mail (netlink@uvic.ca) Requires Verification -[Ticket ID: xxxxxx]
In all cases there is a malicious .shtml file attached.
The name of that file is: uvic.ca-update-form.shtml
(but could be different of course)
Please do not open these attachments, they contain malware.
A screenshot of the phish is shown below: