Phishing
Select image to view accessible version.
Phishing is the process of stealing someone’s personal information leading to identity theft. Using email and fraudulent company names with websites, cyber criminals gain access to people’s personal data. Phishing attacks are a constant threat to everyone and are becoming increasingly sophisticated.
Select image to view accessible version.
Phishing FAQs
-
How do I flag an email as phishing?
In Outlook, use the “Report” button from the top ribbon, followed by the appropriate option.
• Report Phishing will delete the email and report the item to IT Services for analysis.• Report Junk will add the sender to your Blocked Senders List and move the email to your Junk Folder. This action also contributes to improving spam filters across the organization, helping reduce unwanted email for everyone. -
Why do I see an "EXTERNAL" banner on some emails?
Information Technology (IT) Services has added a yellow warning banner to emails that come from outside the university. Ensure you know the sender and are expecting an email before opening any links or attachments. If you see this banner in an email claiming to be from the university, it is likely illegitimate. For more information
-
How do I reveal a true link?
Links in phishing emails and on fake websites often don’t match the address they claim to be. If the true link differs from what you’re expecting, don’t click.On a computer:Hover your cursor over the link – the true link will display at the bottom of your browser or as a tooltip.On a mobile device:Press and hold the link (instead of tapping) to preview the true link.
-
What if I was phished?
If you accidentally opened a potential phishing link or attachment, it’s vital to report the incident to the Service Desk (905-721-3333 or ServiceDesk@dc-uoit.ca) as soon as possible. As a precaution, it is suggested to proactively change your network account's password and perform a virus scan on your device.
For password change, please kindly visit https://itsc.ontariotechu.ca/ and select Password Change.
To perform a virus scan if you are on a Windows laptop, please kindly follow the instructions below:
1. Open Windows Security
• Press Windows key → type Windows Security → press Enter.
(You can also find it under Settings → Update & Security → Windows Security → Open Windows Security.)
2. Go to Virus & Threat Protection
• In the Windows Security window, click Virus & threat protection from the left-hand menu.
3. Choose Scan Options
• Click Quick scan to scan the most common areas where threats are found.
• If you want to run a different type of scan:
-
Click Scan options (or Scan now → Scan options depending on your version).
-
Choose one of these:
-
Quick scan – Fast scan of common system locations.
-
Full scan – Checks all files and running programs (can take a long time).
-
Custom scan – Lets you choose a folder or drive to scan.
-
Microsoft Defender Offline scan – Restarts the PC and scans before Windows loads (good for stubborn malware). You may require a BitLocker key as detailed here.
-
4. Start the Scan
• Click Scan now.
• Wait for the process to complete — scan time depends on the option selected and your system size.
5. Review Results
• When the scan finishes, the results will show any threats found.
• If threats are detected, you can choose Remove, Quarantine, or Allow (only if you know it’s safe).
-