Returning to campus: Information, updates and vaccination requirements. Learn more.

Impersonation / Fraudulent Domain - uoregina.ca

Threat Level: Medium
Threat Type: Phishing, Fraud
Advisory Date: 05/04/2020

Description

One of the many ways that phishers and scammers can attempt to trick you is by producing false top-level website domains and copying our public website content to these false domains (a top level domain, or TLD, refers to the extension of a website, example: "website.com", "website.ca" or website.org").

This is a common trick phish for your credentials, personally information, or payment.

The false domain lends legitimacy by giving you a false sense of security; the threat actors rely on inattentiveness to website addressing or slight errors in website presentation, hoping that no one notices the subtle differences to gain access to your information.

The copycat domain www.uoregina.ca and uoregina.ca is actively hosting look alike content content for malicious purposes.  

This malicious domain contains an extra 'o' which is not found in the official www.uregina.ca / uregina.ca domain.

This domain is not hosted or operated by the University of Regina, and should be considered malicious.  Precaustions and awareness are required to avoid falling victim to this scam.

Impact

Threat actors create false domains because they cannot take control of a top level web domain due to a number of limiting factors.

The cloned domain may contain a partially functional copy of our website, and may be used for phishing, collecting personally identifiable information, or other malicious purposes.

All emails from this domain, and visits to the website on this domain should be considered fraudulent as they seek to impersonate the University of Regina, but this content or communications are not official, nor legitimate.

Resolution

Our official TLD (uregina.ca) and subdomains (subdomain.uregina.ca) are tightly controlled and are the only official University of Regina online resources you should utilize your credentials on.

We actively monitor for false domains and work to resolve them as they're identified.

Users should exercise all resonable precautions, as the fradulent domain (uoregina.ca) is actively attempting to impersonate in order to decieve visitors.

  • Always ensure that any link in an email address goes to the real uregina.ca domain, and not an impersonation domain designed to appear similar (such as www.uoregina.ca).
  • Do not respond to any email from the malicious domain (uoregina.ca).
  • Do not visit unofficial clones of the University's website.  It may attempt to collect credentials with fake login pages, or may distribute malware.
  • Do not submit applciations or remit payment to the malicious copy-cat site.  Any request for information or payment is fraudulent.
  • Ensure that a site is official and valid if it asks for your uregina.ca credentials; if such a request seems odd or fake, please report and we can verify for you.

Resources

If you believe have been directed to this domain by via email, web search, web browser redirect, please report this interaction.  

If have entered credentials on the false domain, please contacting the IT Support Centre to report this issue, and change any impacted passwords.

Email: IT.Support@uregina.ca
Phone: 306-585-4685
Toll-free in Canada: 1-844-585-4685