Phishing scams circulating SFU email account holders

What happened?

On March 9, 2023, Information Security Services saw an increase in phishing email attempts to SFU account holders.

We want users to be aware of these latest phishing email attempts so you can better identify, avoid and report to our team of experts.

The email content varied, but included the following subject line lures:

• Available
• Are you available at the moment?
• UNIDO & AMAZON PAYOUT.
• IT Help Desk #565438
• Simon Fraser University Job Opportunity
• #Your Invitation – Research Project Assistant..

Who was impacted?

SFU account holders, including staff, faculty, students, alumni and potentially other community members with active SFU computing accounts.

What steps should you take?

• Follow the instructions on reporting phishing attempts below then delete the phishing email immediately.
• If you clicked on links, opened any attachments or downloaded files, contact your local IT support person or the IT Service Desk immediately to initiate resources for your system.
• If you provided your credentials for any accounts, you must change those passwords.
• If you provided your financial information, contact your bank or credit provider.  

IMPORTANT NOTE

Please remember to check the sender's email address as another way to confirm legitimacy of a sender. If you are ever unsure, contact IT Services.

For more information on how to identify and avoid these emails, visit the IT Services Phishing Scams page.

PHISHING EMAIL SCREENSHOTS

What happened?

There was a recent (July 8) day-long outage that impacted millions of wireless customers on Rogers, Fido, Chatr and more. Rogers will be offering credit to customers for the inconvenience. 

We want users to be are aware of scam text messages that are now being sent claiming to offer credits in the wake of the service interruptions.

If you see a email or text related to this credit, please do not open the attachment or forward the message to people in the organization other than abuse@sfu.ca.

Who was impacted?

All Rodgers, Fido and Chatr customers.

What steps should you take?

• If you received a suspicious email or text about claiming a Rogers credit, please review the Rogers Frauds and Scams webpage for the latest resources.
• Forward the suspiscious SMS directly to 7726 (SPAM)
• Ideally - delete the email or text without opening.
• Checking the sender email address is another way to confirm legitamacy. If you are ever unsure, contact IT Services.
• Report any other phishing scams to abuse@sfu.ca

IMPORTANT NOTE

Please remember to check the sender's email address as another way to confirm legitamacy of a sender. If you are ever unsure, contact IT Services.

For more information on how to identify and avoid these emails, visit the IT Services Phishing Scams page.

What happened?

On February 2, 2022, an email phishing campaign targeting faculty, staff, and some students was reported to IT Security. The scam contains fragments of old SFU email threads to try to increase the appearance of legitimacy. The message contained a malicious attachment (Excel file) which could compromise a user’s system when opened and macros enabled. 

Please do not open the attachment or forward the message to people in the organization other than abuse@sfu.ca.

Who was impacted?

These emails are being sent to those with an SFU email account. This could include faculty, staff, students and/or alumni.

What steps should you take?

• If you received a suspicious email attachment and opened the file, contact your IT service desk to initiate incident response for your system.
• Please be wary of Microsoft Excel attachments and/or zipped attachments.
• Ideally - delete the email without opening.
• Checking the sender email address is another way to confirm legitamacy. If you are ever unsure, contact IT Services.
• Report any other phishing scams to abuse@sfu.ca

IMPORTANT NOTE

Please remember to check the sender's email address as another way to confirm legitamacy of a sender. If you are ever unsure, contact IT Services.

For more information on how to identify and avoid these emails, visit the IT Services Phishing Scams page.

What happened?

A recent phishing campaign targeting staff, faculty, and students was widely distributed by attackers leveraging compromised credentials. The scam offered a fake UNICEF work-from-home job opportunity from “Dr Laurent Benoit” and urged recipients to contact or reply to their fake email address. 

This email is a “phishing” scam known as a work-from-home job scam.

Who was impacted?

These emails are being sent to those with an SFU email account. This could include faculty, staff, students and/or alumni.

What steps should you take?

• If you provided your credentials for any accounts, you must change your password for the exposed service.
• If you provide your personal information or financial information to scammers you will need to contact your bank or credit provider.  
• If you provided your contact information, this information could be used in future phishing attacks to defraud you. Be wary of any unsolicited emails, phone calls, text messages, or mail in the future. 
• Ideally - delete the email without opening.
• Report any other phishing scams to abuse@sfu.ca

IMPORTANT NOTE

SFU will never ask for your password via email, phone, text or social media.

For more information on how to identify and avoid these emails, visit the IT Services Phishing Scams page.