MFA Now Required for VPN

Please be advised that multi-factor authentication (MFA) is now required to connect to myVPN - Learn More

Recognize Phishing Emails

Staff member sitting at laptop scratching head confused reviewing email

What are Phishing Emails?

People who want to steal your information can be clever. A common trick used by cybercriminals is to send you an email, which appears to come from someone you trust. The email will urge you to click on a link to verify your account, update your “expired” password, or open an important attachment.

A common example of phishing is the notorious Nigerian Prince email scam that promised a gift of a lot of money in exchange for banking information. It may sound like an obvious scam, but these types of phishing attacks are sent to large numbers of random email addresses and people may eventually provide personal information by accident.

Often these messages are marked as Urgent and contain links to sites designed to steal your information or hack your computer. Remember, UBC will never ask you to provide your password.

Warning icon in envelope

156 million phishing emails sent each day

10% of these emails manage to get through spam filters*

 

Fishing rod catching paper money

80,000 people fall for a scam each day

Which can result in stolen identities, financial loss, and credit card fraud*

 

Staff member working at home reviewing email on laptop

How Can I Recognize a Phishing Email?

Phishing messages can come in many different disguises, from sophisticated deception to obvious fraud.

Watch out for these common characteristics of phishing emails:

  1. Non-UBC Email (“CAUTION: Non-UBC Email” indicator at the top of the body of email)
  2. Sense of urgency and time constraint, very brief
  3. Requests to verify accounts or credit card numbers
  4. Anything too good to be true
  5. Unexpected Emails
  6. Information mismatches
  7. Suspicious attachments
  8. Unprofessional design

*Remember: “Think before you click the link”. If you have any concerns about a message or link, don't open the message or click the link. Instead, forward it as an attachment to security@ubc.ca

 

Staff worker at laptop wondering if they have fallen for a phish

What if I Accidentally Fall for a Phishing Email?

As cybercriminals get more sophisticated with their tricks, it can be harder to recognize phishing emails. If you respond to a phishing email with your password, change it immediately and notify the UBC Information Security team at security@ubc.ca so we can work with you to protect your account.

If you accidentally open an attachment from a suspicious email, delete it immediately (and empty the Recycling Bin on your desktop) and send an email to security@ubc.ca to let them know about the incident.

 

How Do I Report a Phishing Email?

You should report phishing attempts by forwarding them as an attachment to the UBC Information Security office at security@ubc.ca

For assistance in reporting, see this guide to create quick steps in Microsoft Outlook for Windows to report phishing and remove it in one click.

Phishing victim concerned about how to report

If you see a suspicious email with UBC branding, logos, and language please contact the UBC Information Security office immediately at the email above. When we are made aware of a phishing campaign, we can immediately begin identifying and protecting accounts that may have been compromised.

Fast reporting from members of the UBC community has helped save many accounts from potential privacy breaches.

If you are working from a cellphone or tablet which makes it difficult for you to forward an attachment, please just forward the email to security@ubc.ca and then follow up with the attachment at your earliest opportunity, referencing the Incident ID which will have been automatically generated for you.

Go Further...

Privacy Matters @ UBC

Safety & Risk Services | 2389 Health Sciences Mall
University Counsel | 6328 Memorial Road,
UBC Cybersecurity | 6356 Agricultural Road
E-mail privacy.matters@ubc.ca

UBC Crest The official logo of the University of British Columbia. Urgent Message An exclamation mark in a speech bubble. Caret An arrowhead indicating direction. Arrow An arrow indicating direction. Arrow in Circle An arrow indicating direction. Arrow in Circle An arrow indicating direction. Chats Two speech clouds. Facebook The logo for the Facebook social media service. Information The letter 'i' in a circle. Instagram The logo for the Instagram social media service. Linkedin The logo for the LinkedIn social media service. Location Pin A map location pin. Mail An envelope. Menu Three horizontal lines indicating a menu. Minus A minus sign. Telephone An antique telephone. Plus A plus symbol indicating more or the ability to add. Search A magnifying glass. Twitter The logo for the Twitter social media service. Youtube The logo for the YouTube video sharing service. Bell Warning