Cyber Security Reminder, Be conscious of new phishing attempts

There have been reports of increased email phishing attacks on Canadian Universities. Please take extra care to verify the authenticity of any email asking for personal information or wanting you to click on a link. If in any doubt please call the Nipissing UTS Helpdesk at x4342 or email techsrv@nipissingu.ca

  1. Faculty are being impersonated, and sending messages that were somewhat ‘context appropriate’ to a number of people, directing them to a download link to pick up a document.
  2. Staff and Faculty are being targeted by unknown malefactors in a University Employee Payroll Scam.  This scam has already made its rounds in the United States and is now targeting Canadian Universities.

    Details:
    University employees are receiving fraudulent e-mails indicating a change in their human resource status. The e-mail contains a link directing the employee to login to their human resources website to identify this change. The website provided appears very similar to the legitimate site in an effort to steal the employee’s credentials. Once the employee enters his/her login information, the scammer takes that information and signs into the employee’s official human resources account to change the employee’s direct deposit information. This redirects the employee’s paycheck to the bank account of another individual involved in the scam.

    Consequences of this Scam:

    • The employee’s paycheck can be stolen.
    • The money may not be returned in full to the employee.
    • The scammers can take the employee’s log-in credentials and attempt to log into other accounts that belong to the employee.
  3. Students are being victimized by the ‘Work-from-Home’ Scam.  The ‘Work-from-Home scam asked students to set up a bank account (on behalf of the malefactor) and send the details away.  The accounts are used to transfer money and the victims are responsible for the financial liabilities.  This scam is a form of identity theft.