Phishing is the fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a legitimate organization or institution, and gaining the trust of the unsuspecting victim. Phishing scams usually take place by email, where the sender appears to be a reputable institution, such as your bank, a department at McGill, or even a close friend in need of assistance.
This past month malicious emails circulating at McGill included ZIP file attachments that contained a virus which sabotaged users’ files and was able to spread to other drives on the network. If you ever suspect an email message may be phishing, notify the IT Service Desk and do not open it.
The IT Service Desk receives several phishing reports per week. We announce the ones that are widespread and those that target McGill users with information or questions pertaining to McGill services (a practice known as spear phishing). You can check our new IT Security Alerts web page to find recent announcements here.
Find out about how to spot phishing attempts and protect yourself here.