Explore the U of T Phish Bowl

The Phish Bowl features a collection of the most commonly reported phishing attempts that target U of T inboxes. Check back here often to get the most up to date information on phishing trends that may be affecting the university.

If you have received a suspicious email, report it via the “UofT Report Phishing” feature through Outlook or forward it to report.phishing@utoronto.ca if that is otherwise not available.

  • Phish: Duo push verification scam

    Phish: Duo push verification scam

    October 6, 2025

    This phishing message tries to trick recipients into approving fraudulent Duo push notifications.

  • Phish: Tuition scam

    Phish: Tuition scam

    September 3, 2025

    This phishing attempt pretends to be from the University of Toronto, warning students that tuition fees are overdue and access to academic services will be restricted.

  • Phish: Fake student support program

    August 21, 2025

    This phishing attempt falsely promotes a U of T-sanctioned “student support program,” promising students a financial reward of $1,000 and $10,000.

  • Phish: Notification of salary increase

    August 21, 2025

    This phishing attempt falsely promotes a U of T-sanctioned notification of salary increase, promising staff a high salary increase, in this case of 16.89%.

  • Phish: Remote employment opportunity

    August 21, 2025

    These emails promote fake remote job opportunities related to the university. They lure recipients with promises of high pay, flexible hours and minimal requirements – all typical in employment scams.

  • Phish: Fraudulent awards payment attempt

    April 25, 2025

    This phishing attempt falsely promotes a U of T-sanctioned “Spring 2025 Student Bonus”, promising students a financial reward between $1,000 and $10,000.

  • Phish: Fraudulent overpayment attempt

    March 31, 2025

    This phishing attempt falsely promotes a U of T-sanctioned “student bonus” program, promising students a financial reward. The email requests personal information to claim the supposed bonus.

  • Phish: Get Ready to Take Your Research to the Next Level

    March 6, 2025

    This phishing attempt offers students a paid position as a Store Evaluator. It asks students to send their personal information to an external email address under the guise of a well-compensated job opportunity.

  • Phish: You have been sent new employee benefits/salary

    March 6, 2025

    This phishing email attempts to trick recipients into downloading an attachment containing a virus. The attachment can be used to steal personal information and login credentials and gain unauthorized access to the user’s account.

  • Phish: UofT IMPORTANT NOTICE: Verification Needed

    August 26, 2024

    This phishing email attempts to steal personal information, login credentials and Duo passcodes by providing false information about the user’s U of T account being filed for deactivation.

  • Phish: Quishing message on LinkedIn

    August 26, 2024

    This phishing attempt is known as quishing, a social engineering tactic where malicious actors use QR codes to steal information from unsuspecting recipients. This message was sent to U of T community members via LinkedIn.

  • Phish: EMPLΟYMENT ΟFFER!

    August 26, 2024

    This job offer scam is a form of phishing used to take advantage of students and new graduates who are seeking employment.