Phishing scam: Beware of phishing attempt leveraging COVID-19


Published: 19Mar2020

There is an increase in reports of malicious actors using the CoronaVirus (COVID-19) in phishing campaigns and malware scams. There have been recent instances where phishing has been used in an attempt to impersonate various health agencies.  Please visit Canadian Centre for Cyber Security for the most up-to-date information. 

Staff should question the legitimacy of unusual emails especially if the request involves money, there is a sense of urgency, or the sender is unavailable for confirmation.  

Please DO NOT click on the link or reply to the message. Delete this email immediately! It does NOT come from a McGill source.

These emails are a fraudulent attempt to gain access to your personal information. If you have already clicked on a link in these emails and submitted any personal information, you should call the IT Service Desk at (514) 398-3398 as soon as possible.  If no one is available to take your call you should change your McGill Password immediately. See the McGill Password Reset Checklist for instructions.  It is still important to follow up with the IT Service Desk after resetting your password to ensure that all the necessary actions have been taken.

If you have simply received a phishing email but have not clicked the link, please contact phishing [at] immediately to report the phishing attempt.

As a reminder: If you are unsure of the legitimacy of the email request, you should verify with the sender by contacting them directly.

Quick links:


Back to top