Because .zip files are sometimes used to transmit viruses or other malicious software by spammers, and in our recent experience, such files were circulated to the UofT community, new preventative measures have been introduced to reduce the possibility of viruses being spread.
If you are on UTORmail:
Messages sent by UTORmail customers with .zip attachments will have the file name changed by having “-utCAUTION! " appended to it. Before you are able to open it, you will need to remove “-utCAUTION!” from the name.
If you are on UTORexchange:
Messages sent by UTORExchange customers with *.zip attachments, will have the text “utCAUTION: .ZIP ATTACHMENT" added to the email Subject line and the text “PLEASE USE EXTREME CAUTION WHEN OPENING .ZIP ATTACHMENTS AS THEY MAY CONTAIN VIRUSES" in the email message body. The attachment itself will not be renamed.
There is an email being circulated spreading a virus to UofT email clients. The emails contai a .zip fail claiming to contain a PDF document. If someone opens the zip file, their machine becomes infected and it sends versions of itself to people in their address books.
Do NOT open the attachment. If you have, please contact your local IT professional or the Information Commons Help Desk.
You should never open a .zip file sent to you in email unless you are expecting it.
According to the FBI:
"University employees are receiving fraudulent e-mails indicating a change in their human resource status. The e-mail contains a link directing the employee to login to their human resources website to identify this change. The website provided appears very similar to the legitimate site in an effort to steal the employee’s credentials. Once the employee enters his/her login information, the scammer takes that information and signs into the employee’s official human resources account to change the employee’s direct deposit information. This redirects the employee’s paycheck to the bank account of another individual involved in the scam.”
Scams of this nature are not likely limited to just US targets. For more information on avoiding email fraud, please see our article at: http://help.ic.utoronto.ca/content/77/1747/en/avoiding-email-fraud.html?highlight=phishing
for more information on this specific attack, please see: https://www.ic3.gov/media/2015/150113-2.aspx