There are a number of phishing attempts being sent to U of T email accounts claiming to be from various U of T services.
Be wary of any emails asking you to log in to a U of T website using a link in the message or to provide personal information, especially if there is a threat that you will lose access to an account if you fail to do so. You should always navigate to services using web addresses you know rather than ones provided in an email. Remember that you should only log into sites that you are certain are the correct ones.
Below is some general information on the latest phishing email messages we’ve reported:
- A message claiming to be from the Help Desk, requesting that you verify your email
This message is from UNIVERSITY OF TORONTO: IT HELP DELSK, We are currently upgrading our [utoronto.ca) database and e-mail account center i.e homepage view, enhance security installations of new -2018 anti-spam and anti-virus software, large mailbox space. For your account security, we strongly recommend that you Renew your account now, else your account will be scheduled for termination.
After renewal/verification, extra security features will be activated in your email settings and your account will be safe for use again. Kindly verify your e-mail within 24 hours or your e-mail will be temporarily suspended. CLICK HERE to verify your e-mail.
- A malicious email claiming to be from "Library Services" which asks that you log in using a link that looks like our Weblogin page, but is actually a different address.
This particular email is well crafted with a 978 phone number in the signature along with a fake email address that look it belongs to a real U of T person.
This email claims that if you do not follow the link that "your access to the library will soon expire".
- A message with the subject HelpDesk
The email invites the recipient to click on a link to upgrade their account to something called "New 2018 Microsoft Outlook Web portal".
Hours: October 1, 2017 – April 26, 2018
|Monday — Friday||Saturday||Sunday|
|Walk-in||9:30 a.m. to 7:00 p.m.||11:00 a.m. to 2:00 p.m.||Closed|
|Telephone||8:30 a.m. to 9:00 p.m.||11:00 a.m. to 3:00 p.m.||1:00 p.m. to 5:00 p.m.|
About 1500 UTORids have been blocked and will require password resets as a result of a worldwide security breach involving more than 1 billion accounts and passwords discovered last week.
The Help Desk and Information + Technology Services are working to reset these accounts and notify users.
See more details on the Information Security and Enterprise Archtecture website.