Currently there are many phishing emails which are being sent to University of Toronto accounts (including departmental accounts) with the subject line: Transaction complete These emails are originating from compromised University of Toronto accounts (so the messages appear to be more legitimate than usual phishing attacks) and are arriving from "utoronto.ca" addresses. The message tries to get users to give up their username and password. In our default configuration our spam filter has flagged every such message sent to our department (they were appearing in INBOX and SuspectedSpam folders flagged as "SPAM:###", but are now flagged as "VIRUS DETECTED" and automatically deleted). Please delete any such messages without opening them.
“Transaction complete” subject lines on utoronto.ca phishing emails
January 21, 2015 by