Not just another phishing announcement

April 13, 2023

If you have received a phishing message in one of your email accounts recently, you may have noticed that phishing has become more sophisticated, with significant advances in social engineering tactics. This makes it necessary to maintain an ongoing advisory program about privacy and information security geared toward UBC faculty and staff. From standard CEO fraud involving wire transfer requests to gift card fraud, cybercriminals are using a variety of fraudulent methods in an attempt to dupe unsuspecting victims.

The sad reality is that as long as people keep clicking on links and entering their login credentials into fraudulent websites, phishing won’t be going away anytime soon.

How can you protect yourself?

Here are two quick guides to bookmark on your web browser to keep handy at all times, not just when engaging in UBC business:

Phishing Quick Guide #1 – Preventative Measures

Here are a few simple steps to keep in mind when going through your FASmail inbox to avoid becoming a victim of a phishing attack.

  • Be wary of any messages with the ‘CAUTION: Non-UBC Email’ banner
    • This warning banner is applied to any incoming mail to your FASmail inbox that originated from outside a UBC mail server.
    • While this banner can be applied to emails from fellow researchers or colleagues you interact with that are not employed by UBC, it is intended as a first line of visual defense for all FASmail users.
• When you see the banner, do as the instructions say and take caution. Take a moment to scrutinize the body of the message and the name and address of the sender. Do not click on any links. If anything about the email looks suspicious in any way, report it immediately to security@ubc.ca.

  • Do not let your guard down
    • On very rare occasions, criminals may send you a message from a valid UBC email address that has since been compromised through social engineering or credential harvesting.
    • The only way for UBC Cybersecurity to learn of such an account is for it to be reported to security@ubc.ca. Once it is reported, they can immediately begin remediation and prevent any further nefarious activity by the criminals using that account.
    • If you receive a message from what appears to be a valid UBC colleague that asks you to provide personal information such as your Social Insurance Number, Driver’s License, or banking information of any kind, do not reply to the email. Any UBC staff who would require this information (such as Human Resources or Financial Operations) already have access to it through a confidential and secure database. Report the email immediately to security@ubc.ca.
    • If you know the telephone number of the person associated with the email address from which you received the peculiar message, call them directly. Ask them about the message and confirm whether or not they are aware of it being sent from their account. If they did not send it, tell them to contact security@ubc.ca immediately. Then report the email immediately to security@ubc.ca.
    • Avoid opening emails when your attention is divided. If you are in a meeting and simultaneously trying to keep up with emails, you could accidentally open a message or click on a malicious link that you otherwise would have avoided. Inform others that if they urgently need to get a hold of you while you are in a meeting, they should send you a message through an instant message application, or a text message. Then, when your meeting is over you can review the email with your full attention and respond accordingly.
    • Do not click or tap on any links in emails while on your phone. Many faculty and staff choose to have their FASmail messages available to read on their phone. While this is a convenient option, some messages are not fully displayed on mobile devices, meaning clues that would normally alert you to the suspicious nature of a message may be hidden.

Phishing Quick Guide #2 – Mitigation Measures

Here are a few simple steps to take quickly if you suspect your CWL login has been compromised or if you believe you have accidentally fallen for a phish.

  • Be mindful of verification prompts from Duo Mobile
    • When your CWL login is used to access a secure UBC website or web application from outside of the UBC network, you will be prompted for a second factor of authentication by Duo Security. If you receive such a prompt and did not make the login request, be sure to hit ‘Deny’ when prompted. Then select ‘It seems fraudulent’ as your response when asked why you are denying the request. This will automatically generate a report about a possible fraudulent attempt on your account.
    • Change your CWL login password immediately.
    • Report the fraudulent attempt to security@ubc.ca, even if you receive the prompt outside of office hours or are nowhere near a computer at the time. Sending a quick email to security@ubc.ca explaining that you have reason to suspect your CWL account has been compromised will give UBC Cybersecurity the opportunity to temporarily suspend your account until further investigation is conducted. This will prevent a criminal from using your account to send out malicious emails from your UBC FASmail account.

Go even further...

For a much more in-depth look at phishing at UBC, you can: