What is happening? There has been a recent increase in the number of malicious emails being sent to members of the University community from attackers impersonating leaders at all levels of the organization. Please be vigilant and read emails carefully before responding.
What should I do if I have received this email? Suspected phishing and malicious emails should be reported to the Security Operations Centre at soc@uwaterloo.ca. Reports of successful fraud should be directed to UW Special Constable Services at uwscs@uwaterloo.ca.
How do I know if an email I received is an imposter email?
- Initial message is very brief - The first message from the attacker is usually one line (e.g., "I need a quick favor")
- Look at the sender email address - click on the sender or hold your finger on the name of the sender. If it's external and you don't recognize it, then it's likely a scam.
- Verify with the real source - if you receive a suspicious email supposedly sent by your manager or another department, find their actual contact information and reach out to them directly. Do not reply to the original message!
Learn more about cyber security best practices: https://uwaterloo.ca/cyber-awareness/
Questions or concerns? Contact the IST Service Desk, helpdesk@uwaterloo.ca or ext. 44357.