What is happening? The IST security team has been made aware of a phishing attempt on edu.uwaterloo.ca email accounts. If users contact you about receiving an email regarding “edu.uwaterloo.ca server maintenance” that asks them to verify their account, please advise them not to click on any links or open attachments and delete the email. If they have opened the attachment or followed any links that may have been in the email, advise them to contact email@example.com. An example of the email being sent is below:
You have pending mails from firstname.lastname@example.org<mailto:email@example.com>
To retrieve your emails you have to verify this account and save your Port Configuration as Attached
Warning: Failure to do this will lead to loss of important mails and data
This message has been sent to: (userid)
Please delete and Ignore if this is not your email address
edu.uwaterloo.ca setup team.
When is this happening? Users began reporting these emails this morning.
Reminder: Be cautious of any suspicious email you receive. Under no circumstances should you open or extract unexpected zip files, run any files contained within the attachment, or click on links within the email. Doing so allows the malware access to your machine, which will render it unavailable until fixed. This process can take 1-2 business days.
What should you do if you receive such an email?
- Do not open any attachments or click on included links.
- Please forward the email to firstname.lastname@example.org and include email headers.
- Delete the original message.
Questions or concerns? Contact the IST Service Desk, email@example.com or ext. 44357.