Phishing Scams at U of G: What You Need to Know

Posted on Monday, September 16th, 2019
Written by Jyll Weinberg-Martin

Phishing is a common technique used by cyber criminals to try to trick you into providing sensitive information. They do this by sending emails posing as legitimate organizations, such as the University or your bank. Phishing messages will often lure you into clicking a link to a web page that mimics a legitimate site, such as the University of Guelph Single Sign-On page. If you enter your credentials, these criminals will then have access to both personal and University information which they can sell, use for criminal activity, or hold hostage for a significant price.

The University’s Information Security team, part of Computing & Communications Services (CCS), actively filters out millions of malicious emails every day and responds to reported threats. However, users are still vulnerable to new and emerging scams.

How to recognize a phishing attempt:

  • Sender email address that does not match the organization from which it claims to be sent (e.g., your bank would never send an email from a Gmail account);
  • Hover over any embedded links (links in text or in images) to ensure they lead to a legitimate and expected location;
  • Offers that seem too good to be true;
  • Urgent requests for personal information with severe or unrealistic consequences for inaction;
  • Spelling and grammar errors evident in email; 
  • Unexpected attachments in email;
  • Includes short URLs like bit.ly, owl.ly, etc., as you don’t know where these links will take you. You can trust short links that start with uoguel.ph because they are unique to U of G and are safe!

What to do if you suspect a phishing attempt:

  • Do not respond or open any links in the email until you have confirmed it is safe;
  • Do not provide your password to anyone, and remember that U of G will never ask you for it; and
  • When entering your U of G password online, always double check that the URL at the top of the page reflects the legitimate U of G Single Sign-On page (look for the green lock symbol and “University of Guelph” in green text at the beginning of the URL).

Where to find more information on cyber security at U of G:

Be aware and be safe!