Phishing scam: "myCourses Access"

News

There is currently a phishing scam targeting the McGill community with the email subject "myCourses Access". The email contains a fraudulent link to a page that looks like the myCourses login page. View an example of the message below. 

McGill's information security team has prevented the attack from reaching most McGill inboxes, and the fraudulent link has been blocked from the McGIll network; however, it is still active from outside our network.

Please DO NOT click on the link or reply to the message. Delete this email immediately! It does NOT come from a McGill source.

This email is a fraudulent attempt to gain access to your personal information. If you have already clicked on the link in this email and submitted any personal information, you should change your McGill Password as soon as possible. See the McGill Password Reset Checklist for instructions.

If you have received a phishing email or suspect that you have, please itsupport [at] mcgill.ca (contact the IT Service Desk) immediately to report the phishing attempt.

Quick links:


Example of this phishing message:

Sender name & address: <email address appears to come from a McGill account, but does not>
Subject: myCourses Access

Dear User,

This message is to inform you that your access to myCourses Learn will soon expire. You will have to login to your account to continue to have access to this service.
You can reactivate it by logging in through the following URL. A successful login will activate your account and you will be redirected to your page.

[FRAUDULENT LINK - URL is not "mcgill.ca"]

If you are not able to login, please contact xxx.yyy [at] mcgill.ca for immediate assistance.

Sincerely,

XXX YYY
IT Services
McGill University
(514) 398-3867
xxx.yyy [at] mcgill.ca