Returning to campus: Information, updates and vaccination requirements. Learn more.

Phish Alert - Payroll Notification

Threat Level: Medium
Threat Type: Social Engineering
Advisory Date: 07/04/2019

Description

A payroll phishing campaign may have hit your inbox recently.

We have recieved multiple reports about a message sent to multiple users impersonating an account that appears as a university payroll email address.

The message is similar to this structure:


To All Faculty and Staff Members,
1 New Notification Regarding Your Payroll
www.uregina.ca <links to phishing domain>
Best Regards,

© 2011-2018 University of Regina

Impact

At this time, we have identified and alerted accounts affected by this email directly.

If you have recieved this email to a non-uregina account, please safely ignore this message as it does not originate from our mail servers.

Resolution

We have currently removed these domains from our mail servers and contacted the hosts of the abusive sites, however the phishing form is still live at this time.

If you have interacted with the phishing form, we recommend that you change your password immediately at https://novapp.cc.uregina.ca/perl/chpass.pl and contact us at is.security@uregina.ca so we can take steps to keep your account safe.

If you have not interacted or responded to this phishing message but recieved it, you may safely ignore it and delete it from your inbox.

Resources

Review our phishing website for more information on how to protect yourself from further messages:

https://www.uregina.ca/is/staff/security/resources/resource-phishing.html

If your receive a message that you are unable to determine the legitimatacy of, please contact the IT Support Centre:

In person at ED 137 or Archer Library Main Floor Commons
We thank you for all of your phishing reports!