Warning about COVID-19-related cybersecurity threats
Dear Concordia community member,
With public concern around COVID-19 growing, there are an increasing number of phishing attempts referencing the virus. Some of these malicious emails specifically target university community members.
Concordia’s IT Security team has intercepted a number of malicious emails. However, some may still get to you through your university or personal accounts. Watch for demands for urgent action or email addresses that mimic legitimate university ones. These may be as subtle as additional letters or words, as in the example below:
Please keep in mind these basic security recommendations:
- only open emails from trusted senders
- do not click on links or attachments unless you are expecting them
- hover over a sender’s email address with your cursor to see if there are inconsistencies between the name of the sender and the address from which the email arrived into your mailbox
- think twice about opening emails with a generic greeting, rather than your name
- watch for mistakes in titles or in the content
- if you are contacted by a company or funding agency with which you do not have an established relationship, consider that the email may be phishing or spam
As a reminder, Concordia's Instructional and Information Technology Services (IITS) has made available online security training for all staff and faculty through the MyConcordia portal. You can access it from any computer with your netname and regular work password.
Students, faculty and staff with questions or concerns about the legitimacy of an email or other digital communication can contact IITS at firstname.lastname@example.org.
We thank you for remaining vigilant and protecting both your personal data and the university’s through good cyber-hygiene.
Executive Director, Application Portfolio Management
Chief Information Security Officer
Instructional and Information Technology Services (IITS)