March 19, 2020 – special advisory on phishing messages

In response to the rapidly changing COVID-19 situation, the University has seen an increase in targeted phishing attacks and scams. These attempts are becoming more sophisticated and polished.

Some of these messages are crafted to look like urgent appeals to help with COVID-19 responses or appear to have the signature of a senior leader at the University of Toronto. This includes messages seemingly from high-level University administrators, executives, and managers within academic and administrative units.

Recent targeted phishing attempts include:

  • Requests for COVID-19 money donations or app downloads that look like information sharing;
  • Warning messages that appear to come from leaders/managers stating that your email, library or other U of T email account is about to expire; and
  • Requests from senior leadership asking for immediate help (“Are you available?”), followed up by an unusual request (“Can you go get me some gift cards?”).

Be aware of incorrect email addresses and subject lines with a sense of urgency, for example:

From: Jane Doe <janedoe@NOTutoronto.ca>
Sent: July 12, 2019 12:50 PM
Subject: [ACTION REQUIRED] Faculty/Staff Revised and Updated Catalog From PRESIDENT MERIC GERTLER

From: Meric Gertler Sent: February 3, 2019 at 11:24:47 PM EST
Subject: Urgent Request!

Note:

  • The email addresses are not correct.
  • The subject lines indicate urgency.

What to do if you suspect a phishing attempt:

  • If you suspect your password may have been compromised, immediately change it;
  • Report phishing messages to report.phishing@utoronto.ca; and
  • When in doubt or if you opened an attachment that was provided in a phishing email, reach out to your local IT service desk immediately.

Thank you for your support as we work together to keep our tri-campus community members safe and University-related online information secure.

Thank you,

Isaac Straley
Chief Information Security Officer (CISO)