Phishing Email Security Advisory

You may have received an email with the subject of 'University of Manitoba: E-mail Account Update.' Or 'UM ALERT: UPDATE YOUR E-MAIL ACCOUNT'.

These are not legitimate emails !

If you have received either of these emails please delete the message

Do not click the link or visit the webpage.

The link directs you to a site with the intent of collecting your login credentials. If you have visited this site and logged in, you should reset your password.

If you require assistance please contact the service desk and we will assist you with resetting your password.

Please delete the message if you have received it and we remind you to be very cautious with all account emails. Below is a guide as to how to spot phishing attempts.

What is phishing?

Phishing is the practice luring unsuspecting Internet users to fake websites by using authentic-looking emails with attachments or links to web sites in an attempt to steal passwords, financial or personal information, or introduce virus attacks.

You have probably seen some kind of phishing email already, although you may not even have known it was a phishing email. For example, you may have received an email asking you to verify your account information for your Bank of America account, or PayPal account, when in fact you don't have an account with either of them.

The best way to protect yourself against phishing emails is to know how to spot them. So let’s take a closer look at how to spot a phishing scam…

Phishing emails often try to play off of your emotions: • By promising a financial reward of some kind if you click a link and enter your login information. If an email offers you something that is too good to be true, it probably is! • By urging you to perform an action before a strict deadline. Phishing emails will try to fluster you by creating a sense of urgency. • By promising to show you something secretive or exciting. Phishers try to take advantage of your curiosity. • By threatening you with negative consequences if you don’t perform an action.

Any emails that try to play off your emotions should be treated as suspicious.

Inspect your emails and watch for suspicious items such as:

• A signature block that is very generic, that doesn’t follow company standards • A sender address that is different than the sender name • Email tone that is not what you would normally expect from your co-workers or friends

Finally, watch for these suspicious elements commonly found in phishing emails:

• An email attachment from someone you don’t know OR an email attachments from someone you know but weren’t expecting • Links to web pages that look like authentic login pages • Email links that don’t match the real URL

Information security starts with you so don’t let a phishing scam reel you in! Protect yourself and the University:

• Don’t open unexpected attachments • Don’t give up your personal information, AND • Don’t click links without checking

If you receive any suspicious email, don’t open it. Forward it to spam@umanitoba.camailto:spam@umanitoba.ca.

Thank you,

Service Desk

Information Services & Technology

University of Manitoba

123 Fletcher Argue

230 Neil John MacLean Library

204-474-8600

Servicedesk@umanitoba.camailto:Servicedesk@umanitoba.ca

*************************************************************************************************************

This communication is intended for the use of the recipient to which it is addressed, and may contain confidential, personal and/or privileged information. Please contact us immediately if you are not the intended recipient of this communication, and do not copy, distribute, or take action relying on it. Any communication received in error, or subsequent reply, should be deleted or destroyed. Please consider the environment before printing this email.

{CMI: MCID885893}