Good day all,

IT has received intelligence from several other Canadian and US based educational institutions that have been targeted with library login themed phishing messages. In the examples that have been observed so far, the user receives a phishing message indicating they need to perform a research or library related action such as avoiding fees, accessing new journals or downloading previously requested articles.

To avoid this we recommend the following phishing tips –

• Never click links from out of bound requests – Frequently phishing messages appear to be automated. If you weren’t expecting a response, or a message appears out of the blue, it may be phishing.
• Hover over links to see where they go – all Trent sites end in have a .trentu.ca before the first / in the address if you see any additional characters at the end of the URL such as login.proxy.lib.trentu.ca.xill.fa, it’s likely the page was fraudulently created.

Thanks everyone – We’re sending a lot of phishing notices recently, but this is very popular time for the phishers with back to school.

Cheers,

Ian

Ian Thomson, M.A, CISSP

Information Security Officer

Trent University – Information Technology

ithomson@trentu.ca