The UVic email system did not add the “From a trusted sender” banner. The phisher added this fake banner to make the message look legitimate.
ITS Help-Desk
Re: Help Desk Support,,
Reconfirm your Uvic Authentication Key
Invoice – with malicious Excel spreadsheet
Blackmail using passwords from other breaches
University Systems has received reports of multiple blackmail-related emails targeting UVic users. The email is a blackmail or extortion attempt which includes a previously-used password and threatens that potentially embarrassing information will be disclosed if the fee is not paid, in a certain amount of time. The tone and content of the email is frightening, but the threat is not credible. The senders of the phishing message retrieved the disclosed password by data-mining past breaches of accounts associated with other services such as Facebook, Twitter, Yahoo, LinkedIn and Adobe.
If you have received one of these emails, here are some steps you can take to protect yourself:
- Do not respond to these emails. You can safely delete it.
- Use the HaveIBeenPwned service, and submit your email address(es) to see what breaches your email address may have been part of.
- Learn of steps you can take to protect your Netlink ID and other accounts:
- Take the Phishing Awareness training.
COVID-19 Support
Fake Help Desk Login
This phishing attack mimicked the login page for the UVic Computer Help Desk.
Microsoft New Update
Coronavirus (COVID-19) # 97831
Uvic AudioMessage From +1 133-535-7697
Notice! From ITS Admin office
Re: APRIL PAYROLL BENEFIT
Regarding Position
New Outlook Web App for Staff/Employee
