Quick Links

IT security

Phishing scam: "Subject: Outlook/Login-Mail"

A phishing attempt is circulating with the subject line "Outlook/Login-Mail". The message says that some incoming emails are blocked, and that you need to unlock them. A sample of the email is shown below.

Published: 1Jun2015

Phishing scam: "Subject: Dear mcgill.ca Email User"

A phishing attempt is circulating with the subject line "Subject: Dear mcgill.ca Email User". The message says that we are updating our email database due to upcoming firewall upgrade and that you need to revalidate your email account to avoid it being deleted. A sample of the email is shown below.

Published: 1Jun2015

Phishing scam: "Subject: Your Account will be Temporary Suspended"

A phishing attempt is circulating with the subject line "Subject: Your Account will be Temporary Suspended". The message says that your mailbox is running out of data storage and will be suspended, and asks you to log on to a fraudulent website to upgrade / add more data space. A sample of the email is shown below.

Published: 20May2015

Phishing scam: "Subject: RE: Faculty/Staff/ Student"

A phishing attempt is circulating with the subject line "RE: Faculty/Staff/ Student". The message says that your mail settings are out of date and asks you to log on to a fraudulent website to update your mailbox. A sample of the email is shown below.

Published: 12May2015

McGill’s phishing expedition

Educating computer users on the consequences of phishing is a challenge, especially since cybercriminals develop more sophisticated-looking emails and schemes every day. We’re all incredibly busy and bombarded with emails; even the most tech-savvy among us have fallen into their trap.Last week, IT Services phished all faculty and staff members of the McGill community. Yesterday, March 11, they did it again. Some people ask why is this necessary?

Read the full McGill Reporter article →

Published: 12Mar2015

It's time for a phishing expedition

Periodically, IT Services will send out mock phishing emails to the McGill community as part of a proactive approach to increase awareness of the dangers of phishing. Users who click on a link in one of these emails will be redirected to a page informing them that they have participated in a phishing awareness exercise, and will be encouraged to learn how to identify and avoid falling victim to these types of scams.

Don’t want to wait and risk taking the bait? Sign up now for IT Services’ online Security Awareness training, or read more about spotting phishing scams:

Published: 17Feb2015

Check it before you click it!

Scam?

With holidays fast approaching, cybercriminals are taking advantage of people's vacation planning, online shopping, and expected package deliveries. Millions of phishing scam emails are being sent out daily, spoofing trusted brands, retailers, postal services, banks, stores, and more. Many of these emails look legitimate, and it gets harder to tell what's a real email, and what's a scam.

Published: 5Dec2014

Warning: CryptoLocker Virus is back again - don't open attachments

CryptoLocker

There is currently a virus infecting computers via email attachments.  In the latest fraud reported at McGill, the subject of the email is You have received a voice mail, and the attachment contains the virus.

If you receive any emails containing .ZIP file attachments, DO NOT open them.

Published: 14Oct2014

Bash security vulnerability

Yesterday, a new security vulnerability, affecting Bash, was announced. The Bash shell, commonly accessed through Command Prompt or the Terminal application, is a part of many Linux, Unix, and Mac systems. Since it has been around for more than two decades, older devices are also vulnerable. If used maliciously, Bash allows an attacker to take over an operating system, access confidential information, make changes, etc.. 

McGill’s IT Services is devoting their full attention to addressing any potential threat this may cause to centrally-managed IT systems.

Published: 25Sep2014

Faculty and Staff: McGill will double your password if you don’t do it first

If you haven’t yet changed your McGill Password, it’s time to get to it.

In October, all faculty and staff members who did not change their password when prompted to earlier this year will have their McGill Password doubled.

Published: 11Sep2014

Pages