A phishing email is targeting the McGill community with the subject "RE: Final Reminder: Complete: [name] DocsOnline Docs Via E-Sign #63 - Mcgill Project-08(REVISED)."  See an example of the message above.

Classified as: IT security alerts, email scams, phishing, IT Alerts
Category:
Published on: 17 Nov 2023

In an effort to limit the impacts of unsolicited and fraudulent emails being sent in large numbers to the McGill community, McGill’s IT Infrastructure & Information Security has decided to limit the number of emails that can be sent from non-2FA (two-factor authentication) enabled email accounts.

Classified as: IT security alerts, email scams, phishing, IT Alerts, IT Announcements
Category:
Published on: 28 Sep 2023

A phishing email is targeting the McGill community with the subject "(Attention chair.psychiatry) | Re-authenticate 2 Factor Authentication (2Fa) | September 2023".  See an example of the message above. The message contains a QR code and asks you to scan it with your phone camera: 

"Dear User:

Your authenticator session has expired today. Kindly re-authentication with your mobile device to avoid being locked out of your email account. 

Quickly scan the QR Code below with your smartphone camera to re-authenticated your password security.

Classified as: IT security alerts, email scams, phishing, IT Alerts
Category:
Published on: 15 Sep 2023

A phishing email is targeting the McGill community with the subject "Mcgill Authentication For [name]@mcgill.ca Expires on [date]".  See an example of the message above. The message contains a QR code and asks you to scan it with your phone camera: 

"Message date: [date]

Promptly scan below QR code with your phone camera to release HELD messages 

[fraudulent QR code]

Some messages failed to load and could'nt be delivered."

 

Classified as: IT security alerts, email scams, phishing, IT Alerts
Category:
Published on: 12 Sep 2023

There is a phishing email targeting the McGill community with the subject "Completed: Complete with Via-Sign: #7 - 34499-07-# Monday July 2023". The message body contains a fraudulent link. 

 

Classified as: IT security alerts, email scams, phishing, IT Alerts
Category:
Published on: 17 Jul 2023

There is a phishing email targeting the McGill community with the subject "Microsoft De-Activation In Progress".  See an example of the message above. The example we received says,

"Dear User,

This is the last time we will notify you that we'll stop processing incoming emails in your school account, and the reason is you failed to verify your Microsoft account which may lead to the permanent deletion of your account from our database in the next few hours.

Kindly take a minute to complete our email verification below

Classified as: IT security alerts, email scams, phishing, IT Alerts
Category:
Published on: 12 May 2023

A targeted phishing email is currently circulating, asking you to click on a fraudulent link (see image).

Please DO NOT click any links or reply to the message. Delete this email immediately! It does NOT come from a McGill source.

Classified as: IT security alerts, email scams, phishing, IT Alerts
Category:
Published on: 25 May 2023

A targeted phishing email is currently circulating, asking you to open an attachment that contains a fraudulent link. See an example of the message to the left.

Please DO NOT click any links or reply to the message. Delete this email immediately! It does NOT come from a McGill source.

Classified as: IT security alerts, email scams, phishing, IT Alerts
Category:
Published on: 18 May 2023

The education network is currently facing a large wave of fraudulent emails with a Microsoft OneNote attachment containing Qakbot malware. The impact of an infection by this malware is high, so the IT  Information Security department has taken the precaution to block emails containing these attachments when they originate from an external source (e.g. come from a non-McGill email address).

We recognize that there will be cases where people may need to receive legitimate OneNote files from external sources who do not have a McGill email address. As a workaround, we recommend you:

Classified as: email scams, phishing, IT security alerts
Category:
Published on: 10 Feb 2023

A targeted phishing email is currently circulating, asking you to open an attachment that contains a fraudulent link to a shared document. See an example of the message to the left.

Please DO NOT click any links or reply to the message. Delete this email immediately! It does NOT come from a McGill source.

Classified as: email scams, phishing, IT security alerts
Category:
Published on: 20 Sep 2022

A targeted phishing email is currently circulating, asking you to open an attachment that contains a fraudulent link to a shared document. See an example of the message to the left.

Please DO NOT click any links or reply to the message. Delete this email immediately! It does NOT come from a McGill source.

Classified as: email scams, phishing, IT security alerts
Category:
Published on: 20 Sep 2022

This message is sent on behalf of Ghilaine Roquet, Chief Information Officer and Associate Vice-Principal (Information Technology Services)

Please forward this memo to all employees who deal with financial information in your unit.

IMPORTANT: Phishing fraud targets McGill users with access to financial data, via email and Skype instant messaging

Classified as: Financial Services, phishing, fraud, financial data, email, Skype
Category:
Published on: 15 Sep 2017

Phishing messages typically get 5-10% response rates, but a new system has boosted its rate to 40%. John Seymour and Phil Tully, two data scientists from the security company ZeroFOX, presented their system SNAP_R at Black Hat, a Las Vegas conference on cyber-security, on August 4. SNAP_R uses a deep neural net to study a person's past tweets and then mimics that person's writing style using a Markov model, generating a phishing tweet. So far, there is no reason to think that criminals are using a similar system, but Seymour and Tully's work show how it might be done.

Classified as: phishing, data science in the news, cyber-security, spearphishing, dialogue bots, deep neural networks, Markov model, John Seymour, Black Hat
Category:
Published on: 5 Aug 2016

McGill is looking into a recent phishing attack that targeted the McGill community. Phishing is an attempt to acquire an individual’s personal information by masquerading as a legitimate or trustworthy entity. In this most recent case, an email sent to McGill staff and students starting July 11 directed users to a website that looked very much like the Minerva website and asked them to supply their McGill username and McGill password and/or their McGill ID and PIN.

Classified as: phishing, information security, IT
Category:
Published on: 2 Aug 2013
Back to top