Phish: Notification of salary increase
Published: August 21, 2025
This phishing attempt falsely promotes a U of T-sanctioned notification of salary increase, promising staff a high salary increase, in this case of 16.89%.
This phishing email urges recipients to download an attachment containing a virus. The attachment may steal personal information and login credentials and give attackers unauthorized access to accounts.
Once an attacker has acquired login credentials, they often try to access accounts by sending multiple multi-factor authentication (MFA) requests, hoping one will be approved. Do not approve unexpected Duo, UTORMFA or other MFA requests you did not initiate.

Email details
Subject:
Notification of 16.89% Salary Increase – Documents Attached
Dear University Community,
Following up on last week's announcement, please find attached the official letter outlining your 16.89% salary increase, effective Monday, August 18, 2025.
The enclosed documents include all relevant details regarding this adjustment.
Access Instructions:
To review your salary, increment letter, please use the initial access code: Salary2025.
Should you have any questions, feel free to reach out to the Payroll & Employee Relations team.
Best regards,
Payroll & Employee Relations
University of Toronto
Attachment:
University of Toronto.pdf (125 KB)
Phishing cues

Report phishing
If you receive a suspicious email, do not open attachments or click on links. Report phishing attempts to security.response@utoronto.ca.