Avoiding Email Fraud


What is email fraud?

If you use email there's a good chance you have seen fraudulent messages at some point. Email fraud can take many forms, such as requests for help, bogus offers, or requests for personal data.

The messages requesting personal data are typically referred to as phishing scams and can come from sources that appear legitimate, for instance a bank or a trusted institution such as UofT. They attempt to get you to divulge personal information, such as user names, passwords, banking information, etc. They succeed in getting this information if you respond to the emails, or if you log into a website that imitates the legitimate website. They tend to try to instil a sense of urgency by telling you that your account will be deactivated or some other limiting measure will be taken.

What effect does it have?

If you are the victim of such an attack, confidential material in that account is subject to unauthorized access. It is also common for compromised accounts to be used to send unsolicited email to others who may fall victim because they trust messages coming from those accounts. When many accounts from the University are compromised, other institutions may block all email messages coming from UofT in order to protect their own clients.

How can I recognize and avoid phishing scams?

UofT and other legitimate organizations will NEVER send requests for passwords or other personal information via email. If you receive a message requesting your user name or password to any accounts, DO NOT provide it. If the message provides a link to a website, DO NOT click on it. Instead, you should delete these messages.

If you have clicked on a link in a suspicious message, look closely at the URL and make sure you recognize it before continuing. The example below shows how misleading addresses can be formatted:

Fake URL
(Credit: Microsoft Corporation)

If you have provided your login information to such a request, change your password immediately and contact the Help Desk at 416-978-4357 for assistance .


What you can do to help.

Report it!  Instructions on reporting fraudulent websites or forms you are directed to on phishing emails can be found here

What UofT is doing to help.

UofT's weblogin page and UTORid management page have added security. For the weblogin page, there is an Extended Validation (EV) server certificate installed which provides a higher degree of assurance than other certificates. In most cases, a green bar indicates the EV server certificate. Other indicators are described below. If you do not see a key indicator do NOT enter any information. If you are unsure, call the Help Desk for assistance. 

Firefox 25 and higher
The green text indicates the EV server certificate.

Firefox with weblogin EV cert

Firefox 4.x on Windows 7

 Windows 7 and Firefox 4

Chrome on Windows
The green bar indicates the EV server certificate.
Chrome on Windows


Internet Explorer 11 on Windows
The green bar indicates the EV server certificate.
Windows and IE 11

 Edge on Windows
The green text indicates the EV server certificate.
Edge on Windows


Firefox 45.x on Mac OS X 10.10.x

The green text indicates the EV server certificate.
 Mac OS X 10.10 and Firefox


Safari 4.x on Mac OS X 10.5.

The green "University of Toronto" indicates the EV server certificate.
Mac OS X 10.10 and Safari

Chrome 49.x on Mac OS X 10.10.x
The green bar indicates the EV server certificate.
Mac OS X 10.10 and Chrome

 

For further information on this subject, please consult the following websites:

 

Tags: security, SPAM
Last update:
2016-05-30 17:12
Author:
Amanda Wagner
Revision:
1.14
Average rating: 3.89 (277 Votes)

You can comment this FAQ

Most popular FAQs RSS

  1. UTORmail (20896 views)
  2. Wireless Access (13332 views)
  3. UTmail+ (12693 views)
  4. UTORexchange (12222 views)
  5. Accounts and Passwords (10962 views)
  6. Student Advantage and Office 365 ProPlus (9684 views)
  7. Avoiding Email Fraud (9425 views)
  8. Blackboard/Portal Login FAQ (8638 views)
  9. Overview of Email Services (8302 views)
  10. UTORmail: Webmail (8107 views)

Latest FAQs RSS

  1. Wired Access: Campus Residence (ResNet) Access (2016-06-30 13:23)
  2. Internet/Connectivity (2016-06-30 10:12)
  3. Connecting to UofT Wireless with Windows Vista (2016-06-30 10:09)
  4. Connect to the UofT Wireless Network on an iPhone/iPad/iPod ... (2016-06-30 10:09)
  5. Blackboard/Portal Login FAQ (2016-06-29 15:57)