Avoiding Phishing Attempts/Handling Phishing Attempts

There has been an increased number of phishing and spam attempts targeting members of our University community. By working together to prevent account compromises and by reporting phishing attempts, we can help to protect other members of the University community.

Phishing is an attempt to gain access to accounts or personal information by masquerading as a legitimate request. There are several warning signs you can look for in the emails you receive to avoid falling victim to phishing attempts.

Tips for Identifying Phishing Attempts:

  • Check the sender's email address - Examine the sender's email address closely. Be cautious if it looks suspicious or uses a free email service (e.g. gmail.com, outlook.com, icloud.com, qq.com).

  • Emails from University of Waterloo senders are not necessarily safe - Keep in mind that many phishing attempts seek to gain access to client accounts. The email may be coming from the compromised account of a member of the University community. Does it make sense for this person to be sending you this email?

  • Look out for generic greetings - Phishing emails often use generic greetings like "Dear User" or "Dear Customer" instead of addressing you by name.

  • Watch for urgent or threatening language - Be skeptical of emails that create a sense of urgency, fear, or pressure you to take immediate action. This is a tactic to stop or delay you from alerting others to suspicious requests/emails.

  • Verify links before clicking - Hover your mouse pointer over links in the email to see the actual URL without clicking. Ensure the URL matches the legitimate website of the sender.

  • Don't download attachments or click on suspicious downloads - Be cautious of email attachments or downloads, especially if you weren't expecting them. Ensure the file extensions match those you expect to see/receive (e.g. a file ending in .exe or .js is not a text file).

  • Check for spelling and grammar errors - Phishing emails often contain typos, grammatical mistakes, or awkward phrasing.

  • Be cautious with requests for personal or financial information - Legitimate organizations typically don't ask for sensitive information via email. We will never ask for your login details via email.

If you have any doubts - Verify!

Reach out to ceedsupport@uwaterloo.ca if you have any suspicions about emails you have received before providing any information or clicking links.

Please be sure to forward the email as an attachment using these steps: https://uwaterloo.atlassian.net/wiki/spaces/ISTKB/pages/42583719946

What to do if you have received a phishing email:

  • Do not click any links or provide any information - If you have any doubts as to the legitimacy of a request/email you have received, reach out.

  • Forward the email as an attachment to ceedsupport@uwaterloo.ca - This will prevent your account from being identified as sending spam. To forward an email as an attachment, refer to the following instructions: https://uwaterloo.atlassian.net/wiki/spaces/ISTKB/pages/42583719946

  • Do not send or forward the email to others - While it may seem helpful to alert others of the phishing attempt, we want to minimize the reach of these spam requests.

If you are unsure of what to do after receiving a phishing attempt, please reach out to ceedsupport@uwaterloo.ca.

What to do if you have fallen victim to a phishing attempt:

  • Immediately change your password - Change your password and password recovery email address. Change the passwords for any other services that may be sharing this password (best practice is to use separate passwords for all services).

  • Contact ceedsupport@uwaterloo.ca and provide a description - Include any information you provided, when you received the email/provided this information, and a copy of the email forwarded as an attachment (Include an email as an attachment: https://uwaterloo.atlassian.net/wiki/spaces/ISTKB/pages/42583719946).

  • If your account has been confirmed compromised - If your account has been compromised and you have any concerns about financial or identity fraud, connect with the Security Operations Centre at soc@uwaterloo.ca.

  • If SOC confirms potential fraud - Confirmed fraud cases should be reported to Police Services at uwpolice@uwaterloo.ca.

If you have provided any information or clicked any links, always reach out. There may be additional steps required to ensure your personal information is secure and your account is not at risk of compromise.

Contact ceedsupport@uwaterloo.ca with any questions about this process.

Examples of phishing emails:

Generic greetings indicate cause for concern in this case - also check the sender; does it make sense for this person to be sending you this email?
We will never ask for this type of personal information - especially over email!

Additional Resources:

Learn more about Cyber Security: