{"id":1869,"date":"2024-01-19T13:10:24","date_gmt":"2024-01-19T21:10:24","guid":{"rendered":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/?p=1869"},"modified":"2024-01-19T13:28:03","modified_gmt":"2024-01-19T21:28:03","slug":"uvic-mandatory-multi-factor-authenticator","status":"publish","type":"post","link":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/2024\/01\/19\/uvic-mandatory-multi-factor-authenticator\/","title":{"rendered":"Uvic Mandatory Multi-factor Authenticator"},"content":{"rendered":"<p>While it&#8217;s true that we are requiring everyone to enrol in <a href=\"https:\/\/www.uvic.ca\/systems\/netlink\/2fa\/index.php\">UVic MFA<\/a>, this email is not legitimate and is a case of quishing (QR code phishing). Here are the signs that this email is fraudulent and the QR code is not safe to scan:<\/p>\n<ul>\n<li>Although the sender name mentions UVic, the email actually came from an external email address.<\/li>\n<li>UVic is capitalized incorrectly and there are some wording errors in the message.<\/li>\n<li>The email instills a sense of urgency by threatening expiry within a very short period of time, which is an attempt to trick you into acting hastily. Genuine emails of this nature will usually give you multiple notices well in advance of the deadline.<\/li>\n<li>The email contains a QR code.\u00a0<strong>Legitimate QR codes for MFA setup will never be sent by email.<\/strong> If a QR code is in an email, it&#8217;s usually because the scammer is using it to disguise a malicious link.<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-1870 size-full\" src=\"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-content\/uploads\/sites\/4983\/2024\/01\/2024-01-19-mfa-quishing1.png\" alt=\"First half of MFA-themed quishing email - includes external sender and urgent language\" width=\"610\" height=\"598\" aria-describedby=\"phish_transcript\" srcset=\"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-content\/uploads\/sites\/4983\/2024\/01\/2024-01-19-mfa-quishing1.png 610w, https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-content\/uploads\/sites\/4983\/2024\/01\/2024-01-19-mfa-quishing1-300x294.png 300w\" sizes=\"auto, (max-width: 610px) 100vw, 610px\" \/><\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone wp-image-1871 size-full\" src=\"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-content\/uploads\/sites\/4983\/2024\/01\/2024-01-19-mfa-quishing2.png\" alt=\"Second half of MFA-themed quishing email - contains a malicious QR code that should not be scanned\" width=\"608\" height=\"653\" aria-describedby=\"phish_transcript\" srcset=\"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-content\/uploads\/sites\/4983\/2024\/01\/2024-01-19-mfa-quishing2.png 608w, https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-content\/uploads\/sites\/4983\/2024\/01\/2024-01-19-mfa-quishing2-279x300.png 279w\" sizes=\"auto, (max-width: 608px) 100vw, 608px\" \/><\/p>\n<hr \/>\n<blockquote id=\"phish_transcript\"><p>From: Noreply_Uvic &lt;greatfoob@grumpy******.ca&gt;<br \/>\nSubject: Uvic Mandatory Multi-factor Authenticator<br \/>\nThis message was sent with high importance.<\/p>\n<p>Notice: This message was sent from outside the University of Victoria email system. Please be cautious with links and sensitive information.<\/p>\n<p>[Microsoft Authenticator icon]<\/p>\n<h3>Microsoft 365 sign-in for multi-factor authentication<\/h3>\n<ul>\n<li>The multi-factor authentication for is set to expire within <strong>24 hours<\/strong>.<\/li>\n<li>Scan the barcode below to <strong>reauthenticate your multi-factor authentication within 24 hours<\/strong> and stay connected to Microsoft 365 apps and services.<\/li>\n<\/ul>\n<p>[Malicious QR code]<\/p>\n<p>Contact Microsoft help desk if you have any questions.<\/p>\n<p><small>This email was sent from an unmonitored mailbox.<br \/>\nYou are receiving this email because you have subscribed to Microsoft Office 365.<br \/>\nPrivacy Statement<br \/>\nMicrosoft Corporation, One Microsoft Way, WA 98052 USA<br \/>\n<strong>Microsoft<\/strong><\/p>\n<p>STATEMENT OF CONFIDENTIALITY The information contained in this email message and any attachments may be confidential and legally privileged and is intended for the use of the addressee(s) only. If you are not an intended recipient, please (1) notify me immediately by replying to this message; (2) do not use, disseminate, distribute or reproduce any part of the message or any attachment; and (3) destroy all copies of<\/small><\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>While it&#8217;s true that we are requiring everyone to enrol in UVic MFA, this email is not legitimate and is a case of quishing (QR code phishing). Here are the signs that this email is fraudulent and the QR code is not safe to scan: Although the sender name mentions UVic, the email actually came &hellip; <a href=\"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/2024\/01\/19\/uvic-mandatory-multi-factor-authenticator\/\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">Uvic Mandatory Multi-factor Authenticator<\/span><\/a><\/p>\n","protected":false},"author":8719,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"image","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1869","post","type-post","status-publish","format-image","hentry","category-uncategorized","post_format-post-format-image"],"_links":{"self":[{"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/posts\/1869","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/users\/8719"}],"replies":[{"embeddable":true,"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/comments?post=1869"}],"version-history":[{"count":3,"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/posts\/1869\/revisions"}],"predecessor-version":[{"id":1874,"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/posts\/1869\/revisions\/1874"}],"wp:attachment":[{"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/media?parent=1869"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/categories?post=1869"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/onlineacademiccommunity.uvic.ca\/phishbowl\/wp-json\/wp\/v2\/tags?post=1869"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}