MORE INSIDIOUS EMAIL PHISHING
In addition to the usual reports of both internal and external email/website phishing we are seeing a rise in “spear phishing” where an attempt is made to compromise a specific user using publicly-available information to appear to be a trusted entity. The end of this email describes such an attack initiated with a telephone call that happened recently in our department.
If you receive a suspicious email please feel free to report it to:
The University also has a reporting system centrally at:
Here are some tips to avoid a phishing attack:
http://main.its.utoronto.ca/news/10-tips-to-avoid-a-phishing-attack/
In general we all need to be careful with our digital security. Please see:
https://securitymatters.utoronto.ca/
for the University’s suggestions for various groups for security.
RECENT CASE REPORTED BY A FACULTY MEMBER
Someone finds an online poster for a future conference. They look up a speaker’s office phone number and email address. They call the speaker’s office, and tell them that they are booking the hotel for them for the conference (they know the conference location and dates). They ask the speaker to provide their credit card information to secure the room; they say that the credit card will not be charged, that this is just to secure the room. However, the organizers of conference confirmed they did not place the call to the speaker.