This phish specifically targets UVic and contains many of the classic red flags:
- The email was sent from someone outside of UVic
- The greeting is impersonal
- The message creates a sense of urgency and threatens you with an adverse impact
- The message contains many grammatical errors
- The signature is generic and doesn’t mention UVic
Hovering over the link without clicking on it (or holding down your finger on it on a mobile device) will reveal that the link goes to a page from a free online form builder. A legitimate UVic login page would not be hosted on an online form builder.
If you entered credentials on the phishing page, change your password immediately and contact the Computer Help Desk or your department’s IT support person.
From: [redacted]@h******.se
Subject: University of Victoria_UpdateNotice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information.
Hello user,
This is the last and final notice or our administrator will disable your access to your email.
Please click here to upgrade your University Of Victoria_Update your account security by completing the required details to avoid the deactivation of your University of Victoria edu account.
A cordial greeting wu,
IT Service Desk (c)2024