Phishing scam: "Library Account"


There is a phishing email circulating advising customers that their library account has expired and that they must click on a fraudulent link in order to reactivate it. See an example of this phishing message below.

Please DO NOT click on the Login page link or reply to the message. Delete this email immediately! It does NOT come from a McGill source.

This email is a fraudulent attempt to gain access to your personal information. If you have already clicked on the link in this email and submitted any personal information, you should change your McGill Password as soon as possible. See the McGill Password Reset Checklist for instructions.

If you have received a phishing email or suspect that you have, please itsupport [at] (contact the IT Service Desk) immediately to report the phishing attempt.

Quick links:

Example of this phishing message:

Sender's address: <fraudulent email address>
Subject: Library Account

Dear User,

Your library account has expired, therefore you must reactivate it immediately or it will be closed automatically. If you intend to use this service in the future, you must take action at once! To reactivate your account, simply visit the following page and login with your library account.

Login Page:

 <fraudulent link>


<fraudulent sender info>