With semester start, UFV’s Cybersecurity team has seen an increase in targeted phishing campaigns against faculty and staff. There are two types of phishing emails being commonly reported:
- The gift card scam: These emails come from a free email provider, like Gmail, and impersonate UFV employees by signing the email with their name. The scammer starts by asking if you are free to complete a task. If you respond to their request, they will ask you to purchase gift cards and to send them the card details. This is a scam.
- The voicemail scam: These emails ask you to click on a link (or attachment) to listen to a voicemail message. These are really phishing emails that aim to steal your login credentials and gain unauthorised access to your account. UFV does offer a voicemail-to-email service, which can make these phishing emails hard to spot. Legitimate voicemail-to-email messages from your UFV softphone will be from donotreply@ufv.ca and will not contain the external tag. If you aren’t sure, forward it to phishreport@ufv.ca.
How to spot these phishing emails:
- The [EXTERNAL] tag: Pay close attention to the [EXTERNAL] tag in the email subject and the warning footer. This indicates an email is from outside of UFV, and should be treated with caution.
- The sender address: In Outlook, you may hover over the sender’s profile picture to reveal their full email address. If it’s from an external source, it should be treated with caution.
- In doubt? Report it! Send the email to phishreport@ufv.ca and our Cybersecurity team will confirm if the email is legitimate. Reporting suspicious emails helps keep others safe, too.
- Learn to identify phishing: For tips to identify phishing emails, visit our Knowledgebase: Identify Spam & Phishing, or our other email security resources at ufv.ca/email.
We thank you for being vigilant, and for your help in maintaining the security of our systems.
Comments are closed.