A phishing email seemingly originating from Dylan Cybulski, dylancybulski@trentu[.]ca with the subject line "Document shared with you: "Winter Faculty Bonus 2024.docx"" was sent to various mailboxes. The objective of the phishing emails is to compromise users’ accounts by linking to a Google document which linked to a Google form asking users to provide their York University […]
It has come to our attention that emails with subject lines "Work from Campus/Dorm/Home (Winter 2024 Semester)" AND "Administrative Assistant / Customer Service(Winter 2024 Semester)", seemingly originating from uchicago.edu email addresses, are circulating. Please be advised that these emails are not legitimate and are a scam. The Information Security team has taken action to remove […]
A confirmed phishing email with the subject line "Please Verify Your Yorku Account" was sent to a number of mailboxes. Clicking on the provided link will redirect users to an external site hosted on google forms. If you clicked on the link and provided your credentials, please consider your account as compromised. Change your password IMMEDIATELY and notify us […]
Phishing emails containing a QR code with subject line "Salary Increase, Dividend, Compensation Raise, Insurance Plans and Benefit Package Update" were reported. Illustration 1 Illustration 2 The emails are fraudulent and do NOT scan the image. If you scanned the QR code and provided your credentials, this may have allowed hackers to access your account. Change your […]
Please note that York will NEVER request for passwords, Duo passcodes or other personal information via email or Google Form. Below is the latest job scam email that was sent to various mailboxes. The Information Security team has taken action to remove the fraudulent messages. If you receive similar messages, please report it immediately by […]
Scammers continue to use compromised YorkU accounts to send job scams to the community. Phone number +1 (215) 828-9264 is the scammer's number Please note that York will NEVER request for passwords, Duo passcodes or other personal information via email or Google Form. If you texted the requested information to +1 (215) 828-9264, do NOT […]
Several waves of phishing emails promoting "money mule" scams leveraging compromised York University users' accounts have been detected. These emails claim to offer recipients a well-paying remote job with no requirements and link to a Google form that requests personal information. The "job" in question is a money mule scheme whereby victims are told to […]
Scammer compromised a YorkU email account and sent over 9900 phishing emails. Following through with the fraudulent link attached in email will result in compromise of personal information and potential financial loss. The Information Security team has taken action to remove the fraudulent messages. If you receive similar messages, please report it immediately by clicking on […]
Microsoft recently disclosed a zero-day vulnerability (CVE-2023-36884) which is currently being exploited in the wild. Attackers are coercing users via social engineering phishing techniques into opening a specially-crafted Microsoft Office document that could result in remote code execution. Even though Microsoft Defender for O365 provides protection against attachments designed to exploit CVE-2023-36884, we ask the […]
A new job email scam, sent from a compromised York account, was reported by the community. Students are the main target of the FAKE job offer. The email asks prospective applicants to provide their Full Name, Cell number and personal email address. The Information Security team has taken action to remove the fraudulent messages. If […]