InfoSec Blog - Phishing Alert!

July 19th, 2017

Yesterday a large number of users on campus received a targeted phishing email impersonating President Vaccarino.  The email contained a link to a page made to look very similar to our single sign-on page which would steal any credentials that were entered. This incident serves as a reminder of the constant dangers associated with phishing, as any stolen credentials could be used to perform malicious activities, such as accessing our systems and data, spreading malware, or initiating additional phishing campaigns.

How We Responded

The Information Security team takes phishing attacks very seriously, especially those that impersonate University administration or the Help Center.  As soon as we became aware of this message, we took immediate action to stop the flow of these emails and to limit the potential impact to campus. Specifically, we blocked the senders of these emails, blocked the URLs they were linking to on campus, and reported the URLs to the appropriate authorities.  

How to Recognize this as a Phishing Email

Illustration of Phishing Email Received

What To Do If You Clicked the Link

While these actions were completed as quickly as possible, there is the potential that some users clicked on the link within the email and completed the form. If you did complete the form, please change your Central Login password immediately, and check your account for any suspicious activity. For example, in Office365 verify that email forwarding has not been enabled. Please contact the CCS Help Center if you require any assistance with this.

Additional Resources

The InfoSec website has a large number of blog posts on a wide range of security topics and we keep adding new content every month. Please take this opportunity to review these materials and remind your community of these resources. Here are a few posts specific to phishing:

 

As always, please engage the Information Security team if you have security concerns or to report an incident (infosec@uoguelph.ca). 

 

Written by: Stephen Willem (Manager, CCS Information Security)