Phish: UofT IMPORTANT NOTICE: Verification Needed
Published: August 26, 2024
This phishing email attempts to steal personal information, login credentials and Duo passcodes by providing false information about the user’s U of T account being filed for deactivation.
When a scammer has acquired your account credentials, they can attempt to log in to your account by initiating multiple MFA notifications until you approve one of them. If you receive a Duo, UTORMFA or any other MFA notification that you did not initiate, do not approve the request. Report suspicious MFA notifications to security.response@utoronto.ca immediately.
Email details
Subject:
UofT IMPORTANT NOTICE: Verification Needed
Your uoft account has been filed under the list of accounts set for deactivation due to retirement/graduation/freshers/full-time/part-time or transfer of the concerned account holder.
But the record shows you are still active in service and so advised to verify this request otherwise give us reason to deactivate your university account.
Please send the requested information below via EMAIL ONLY to *malicious link* to verify your uoft immediately to avoid deactivation and to book an appointment:
* Full Name:
* Cell Phone Number:
* Campus Email:
* JoinID/Username:
* Passw0rd:
* 6 digit duo passcode on your Duo Mobile (Kindly check your Duo Mobile)
NOTE: Please check your Duo Mobile and fill in the 6-digit passcode above correctly and always send the new code if you mistakenly or consciously used the code you sent, make sure you send the new Duo code immediately.
OR
Whenever you receive any DUO PUSH NOTIFICATION REQUEST sent to your duo mobile app after sending the information above, please accept it to proceed with your verification process, is that understood?.
Please note the one-time submission and entry only.
Send the requested information above, correctly, properly and accordingly.
Phishing cues
Report phishing
If you have received a suspicious email like this one, please report it to report.phishing@utoronto.ca and delete it immediately from your mailbox. Don’t click any links, download attachments, engage with the sender or share the email with your contacts. If you engaged with the sender, please contact security.response@utoronto.ca immediately.