There is a fraudulent email circulating with the subject: "Campus Police Bomb Alert for all Mcgill.Ca". It contains links to a malicious site that looks identical to the Outlook Web App login page. The URL in the link has been blocked and is now inaccessible from within the McGill network; however recipients off campus must beware.
There is a phishing email circulating with content relating to the migration of email accounts into "Outlook Web App 2016". It contains the words "ICT Technical Support" and the message requests that the recipient click on a link and log in to migrate.
Due to the increasing prominence of phishing and malware threats, McGill IT Services will be making some changes to the Anti-Spam Filtering Service. On Monday, May 16, 2016, we will lower the threshold of messages that are considered spam and quarantined. This means, unless you have opted-out of the anti-spam quarantine system, more email messages may be blocked from reaching your Inbox. We anticipate only about a 1% increase in the number of messages detected as spam.
A series of phishing emails, some with malicious attachments, have been reported. Samples are shown below.
Please DO NOT click on any links or open any attachments, or reply to the message. Delete this email immediately! It does NOT come from a McGill source.
If you have already opened the attachment, you should contact your IT Administrator immediately! If you don't know who your IT Administrator is, contact the IT Service Desk.
A phishing email has been reported with the subject "Email Alert from: McGill University Admin". It is signed from Web Administrators McGill University, and urges the recipient to click a link to upgrade their email account. A sample of the email is shown below.
A phishing email was sent to the UNIVERSITY-ELECTIONS Listserv. It seems to comes from Apple, and asks the recipient to verify their login information.
<<- Click to enlarge sample screenshot.
A phishing email has been reported with the subject "Compromised Account". It is signed from McGill's Information Security (InfoSec) team, and urges the recipient to fill out a form to unlock their account. A sample of the email is shown below.
A series of fraudulent emails containing malware attachments have been reported that use a different variations of a subject related to an order/invoice, for example "Invoice <random set of numbers>", "Order Status #xxxxxxx" or "Notification from XXXX". A sample of one of the emails is shown below.
A phishing email has been reported with the subject "Confirmation #<some random set of numbers>". It urges the recipient to open a possibly malicious attachment. A sample of the email is shown below.
A phishing email has been reported with the subject "Web Email Interface Notice". It urges the recipient to click a link and then enter email and password details. A sample of the email is shown below.