Phish Alert - Payroll Notification

Threat Level: Medium
Threat Type: Social Engineering
Advisory Date: 07/13/2023


A payroll phishing campaign may have hit your inbox recently.

We have recieved multiple reports about a message sent to multiple users impersonating an account that appears as a university payroll email address.

The message is similar to this structure:

To All Faculty and Staff Members,
1 New Notification Regarding Your Payroll <links to phishing domain>
Best Regards,

© 2011-2018 University of Regina


At this time, we have identified and alerted accounts affected by this email directly.

If you have recieved this email to a non-uregina account, please safely ignore this message as it does not originate from our mail servers.


We have currently removed these domains from our mail servers and contacted the hosts of the abusive sites, however the phishing form is still live at this time.

If you have interacted with the phishing form, we recommend that you change your password immediately at and contact us at so we can take steps to keep your account safe.

If you have not interacted or responded to this phishing message but recieved it, you may safely ignore it and delete it from your inbox.


Review our phishing website for more information on how to protect yourself from further messages:

If your receive a message that you are unable to determine the legitimatacy of, please contact the IT Support Centre:

In person at ED 137 or Archer Library Main Floor Commons
We thank you for all of your phishing reports!