Recent phish impersonate U of T employees, offer jobs

Graphic of email with fish hook

In addition to the increasing number of COVID-19-related scams globally, the University of Toronto (U of T) continues to receive reports of common email phishing attempts crafted to look like enticing job opportunities, requests to update or migrate to a new system and more. In light of this, U of T students, staff and faculty are encouraged to continue to maintain caution when dealing with suspicious emails, texts or phone calls.

Here are two reported email phishing attempts with some common red flags highlighted. Visit the Phish Bowl for more.

Click here to read first example on a reported email phishing attempt

Click here to read second example on a reported email phishing attempt

By using mail.utoronto.ca email addresses and credible-appearing signatures, these phishing attempts have the potential to be detrimental to the U of T community. To protect against these types of phishing attempts, please review tips for how to spot a phish.

What can you do if you suspect a phishing attempt/attack?

  • Report it using the “report message” function in your Office 365/UTMail+ inbox and to report.phishing@utoronto.ca
  • When in doubt, call the sender by phone to confirm the email was really from them
  • If you opened an attachment or link that was provided in a phishing email, reach out to your local IT service desk immediately