IT Services has received reports about malicious emails that were sent to many members of the SFU community. The emails contained directions to click on links with the intention of capturing your personal information such as name, address, SFU Computing ID, and password. Providing your password would give the scammer access your SFU accounts, including SFU Mail, goSFU, and myINFO. Providing other personal information could lead to fraud or recruiting you to work for the scammers. Some examples of the emails are below.
Subject: Please Sign the February - Updated List.
Date: Monday, February 3, 2020 8:57 AM
Subject: SFU February Season - Part Time Job
Date: Monday, February 3, 2020 at 2:05 PM
IT Services continues to enhance our email gateway’s ability to detect and filter spam, and to protect members of the SFU community from malicious emails. If you receive any malicious emails, please do not reply, click on any links, or open any attachments.
NOTE: Under no circumstances will SFU request that you provide or confirm your Computing ID and password via email. You should never give your SFU password to anyone.
If you clicked on the link in either email, please
- contact your local IT support, and/or
- contact IT Services at email@example.com.
Tips to protect yourself:
- Never send your password to anyone.
- Be wary of links and attachments in emails, especially external links and unknown email addresses, and check source and destination email addresses before replying.
- Follow established financial procedures carefully, and question instances that do not align with SFU standard processes.
- Report any possible phishing emails to IT Services at firstname.lastname@example.org.
- Keep virus detection and system software up-to-date on your computer.
- Ensure you back up your data.