- Get help
- Services
- Announcements & alerts
- Service outages
- Security alerts
- Major initiatives
- IFMS updates continue to modernize faculty processes
- Introducing Simon Says virtual assistant
- Tech Upgrades to Transform 51社区黑料Learning Spaces
- Liam Goundrey: Workplace Excellence in Action
- Automating processes to make everyday tasks easier at SFU
- Building a connected campus with MS Teams
- Modernizing IT for a better SFU
- Improving speed and coverage with network upgrade program
- Using automation to drive efficiency and innovation at SFU
- Welcome to the new 51社区黑料Mail: now faster, secure, intuitive
- Reintroducing IT ServiceHub: Your One-Stop IT Support Platform
- Supporting SFU's Digital Transformation with Exchange Online
- Important changes to 51社区黑料email practices
- Transforming the 51社区黑料experience through digital improvements - Key Initiatives in Progress
- Jovanna Sauro wins 51社区黑料Personal Achievement Award
- Improve your cellular coverage by enabling WiFi Calling
- New committee guides transformative changes at SFU
- Expanded identity options for students within 51社区黑料applications
- 51社区黑料works toward keeping devices out of landfills
- A journey to improved WiFi
- Help us, help you, connect to better WiFi
- IT Services' new support system: ServiceHub
- Information Security Essential Courses
- IT Services leadership announcement
- University Wide Password Change Initiative
- April 2021 technical issue
- Telephone System Core Infrastructure Upgrade
- Decommissioning fraser.sfu.ca
- 51社区黑料
- Information security
Phishing Scams
51社区黑料is committed to fostering a culture of information security across the University. Protecting against cyber security risks and continuously improving our practices is essential to safeguarding our systems, data, and community.
What is a Phishing Scam?
Phishing is a common cyber attack used to trick people into revealing sensitive information or taking actions that compromise their security.
These scams can happen through email, text messages (SMS), phone calls, social media, or messaging apps. Attackers often impersonate trusted organizations, 51社区黑料services, or even people you know.
How does a Phishing scam work?
Phishing is usually done through email or phone and generally involves impersonating an organization or person of authority to manipulate a victim into taking some action that provides access, resources, and/or information to a scammer. A scammer sends an email that appears to be from a recognizable institution or company such as a bank or institution (or other). The email may claim that you need to update your account or that your 鈥渞efund鈥 is ready. Whatever the message is, the email is an attempt to trick you into providing your personal or financial information.
Phishing attacks rely on deception and urgency. A scammer may:
- Pretend to be a trusted organization, service, or individual
- Ask you to click a link, open an attachment, or approve a login request
- Create a sense of urgency (e.g., 鈥測our account will be locked鈥)
In most cases, the goal is to get you to click a malicious link, enter your credentials, or share sensitive information.
How can you spot a Phishing scam?
Phishing messages are becoming more sophisticated. With the use of AI, attackers can create messages that are well-written and convincing. Grammar and spelling mistakes are no longer reliable indicators of a phishing attempt. Look for these indicators instead:
- Requests that don鈥檛 match how 51社区黑料or trusted organizations normally communicate
- Urgent, threatening, or high-pressure language
- Requests for sensitive information (passwords, codes, financial details)
- Suspicious links or attachments
- Generic greetings (e.g., 鈥淒ear User鈥)
- Slightly altered or look-alike URLs or webpages.
What are some common phishing campaigns?
- Current Events
Scammers often strike during major sporting events, elections, disaster relief efforts and health emergencies. - Credential Harvesting
Fake login pages designed to capture your 51社区黑料computing ID and password. - Business Email / Identity Impersonation
Messages that appear to come from 51社区黑料staff, faculty, or trusted contacts requesting urgent actions. - Gift Card Scams
Requests鈥攐ften impersonating someone in authority鈥攁sking you to purchase gift cards or share codes. - MFA Fatigue (Push Bombing)
Repeated authentication prompts sent to your device hoping you approve one by mistake. - Malicious Links & Attachments
Fake invoices, shared documents, delivery notices, or alerts that lead to malware or credential theft. - Job, Scholarship, or Financial Scams
Fake opportunities targeting students and staff to collect personal or banking information.
What information are they usually asking for?
- 51社区黑料Computing ID and password
- Multi-factor authentication (MFA) codes or approvals
- Personal information (name, address, birthdate)
- Social Insurance Number (SIN)
- Banking or credit card details
How do I protect myself?
- Do not respond to suspicious messages
- Do not click links or open attachments unless you are confident they are legitimate
- Be cautious of any message asking you to act quickly or bypass normal processes
- Improve business practices by reducing reliance on email for financial transactions and the exchange of sensitive information (e.g., personal information), and by implementing workflows to verify suspicious or phishing-like requests.
- Verify requests using a trusted method (e.g., contact the person or department directly)
- Never share your password or MFA codes
- Use SFU-approved systems when handling sensitive information
- Avoid using personal email accounts for SFU-related work
- Complete SFU's Information Security Essentials Course
- Report suspicious messages
What should I do if I receive a Phishing Message?
- Do not interact with the message (do not click, reply, or download)
- Report it using SFU鈥檚 reporting tools (e.g., Outlook 鈥淩eport Phishing鈥 Button)
- Delete the message or mark it as Junk
- Even replying with 鈥渦nsubscribe鈥 or 鈥渟top鈥 can confirm your account is active and lead to more attacks.
Reminder: If something feels unusual, unexpected, or too good to be true鈥攑ause and verify before you act.