Dear Students, Faculty and Staff,
This weekend we've received several additional examples of the "Final Warning!" phishing attempt. These messages are originating from Trent accounts that have been compromised in past phishing attacks, and therefore it is not possible to block them from our email system.
These messages are not legitimate. Please continue to delete these messages if you receive them.
If you have clicked the link and entered your username and password, reset your password on the myTrent portal as soon as possible.
Phishing attacks such as this are becoming an ever more common way to access information from authorized users, and to gain access to the sensitive data we store at the university. Fortunately, phishing can usually be easily identified by following these tips:
- IT will NEVER ask you to click a link and enter a password in an email message, instead we would advise you to login to myTrent (without providing a link) in the unlikely event account action is needed.
- Legitimate, mass announcements from IT will always be sent in the form of a Tech Bulletin.
- Phishing messages commonly contain grammatical and spelling errors or other errors in the text of the message such as the incorrect names of departments.
- The links in phishing messages, when hovered over with a mouse will generally point to unusual web addresses that are often long to confuse users.
- Known phishing attacks will be posted on our Twitter feed at Trent_IT.
Associate Vice-President, IT
P.S. Missed a Tech Bulletin? Please go to http://www.trentu.ca/tech-bulletins to review the Tech Bulletin archives.
Posted on October 9, 2017