Skip Ribbon Commands
Skip to main content


What is "Phishing"?

Phishing is a type of cyber-crime that involves an "attacker" sending a fake email, text message or phone call impersonating a reputable organization/person to a recipient "victim" in order to retrieve their personal information such as passwords or credit card numbers. Often the emails in a phishing attack will contain links to malicious websites that direct users to enter their username/account number/credit card number and password.  This personal information is then used to access the user's account which can result in identity theft, financial loss, data loss/hijacking or to pass along the attack to others.  Some of these websites are so realistic it is extremely difficult to differentiate them from the valid reputable website.


How do I identify a phishing email?

1. The message indicates it's urgent and attempts to scare or threaten you to take action.  It may say a deal is only for a limited time or that you're behind on a payment and threaten you with legal action.


2. The message often contains a link to a website or an attachment they want you to open. If you hover over the link it's misspelled or completely different.


3. The message may look like it's from an internal employee but the email address is actually an external address.


4. The message may indicate that they've noticed suspicious activity on your account and need you to login or your account will be suspended. 


5. The message may have spelling or grammatical errors or be in a different language.  This can include a non-standard format for the greeting and signature.



HELP! What if I clicked on a link or opened the attachment?

Log a call with the Helpdesk immediately and explain what happened. As soon as possible login to a different computer and change your password. A support analyst will be dispatched to assess your computer for malware.

Do I need to do anything if I haven't opened the email?

Please report it to the Helpdesk and someone will contact you to gather additional information, if required.

What if I'm concerned the email from the social networking site/company/bank is legitimate and there really is a problem with my account?

If you really are concerned there may be an issue with your account, open a browser and go to the company's official website support section and contact them with information found on their website.
  • DO NOT click any links provided in the email
  • DO NOT contact them using any information contained in the message

How do I report a Junk or Phishing email?

Wihtin Oulook right-click on the e-mail message and select Report as Junk or Report as Phishing.

Recent Phishing Outbreaks:

Features of threat
10/21/2019 12:00 AMcompromised Social Insurance Number (SIN), need to confirm it<br>Telephone scam
compromised Social Insurance Number (SIN), need to confirm it
6/12/2019 8:00 AMEmail, link, Your Email Inbox is Blocked
Email, link,
5/27/2019 5:10 PMHidden link, phishing, malwareNone
Hidden link, phishing, malware
3/26/2019 12:30 PMPrompting for information, Compromised account credentialsPart-Time Job Opportunity
Prompting for information, Compromised account credentials
3/17/2019 7:45 PMText Message, phishing for banking informationText/SMS Message
Text Message, phishing for banking information
1 - 5Next

Phishing Learning Session:

Downloadable .pdf version of the phishing learning session

More Information: Resources:

​Upcoming Learning Sessions:

There are no items to show in this view of the "Training Schedule" list.