Posted on: January 15, 2021
In December 2020, just before the winter break, 17 unsuspecting TRU employees opened a malicious email message and clicked on a scam link. Once IT Services was informed of the scam (at infosecurity@tru.ca), they were able to stop several thousand more malicious emails from being sent. That’s the good news.
The bad news? Enough damage had already resulted from those 17 clicks that TRU was blacklisted from many mail servers, including Gmail, Hotmail, Yahoo and a variety of universities, other public bodies and corporations.
As a result of this blacklisting, some faculty could not email their students. Employees had difficulty emailing government contacts, hospitals, other universities and more. It crippled several people’s ability to do their work. And ITS staff spent over 60 hours correcting this one incident to bring TRU mail servers back online.
The reality is that clicking one bad link is not harmless, and the impacts reach beyond the risk to the confidentiality of information. When in doubt, please don’t click.
What can you do?
- Always be extra careful when emails include a link or document.
- Watch for the new yellow banner (see below) that will appear on all external emails. If this banner accompanies what looks like an internal email, there is a problem.
- Notify IT of any suspicious emails by clicking the Report Spam button in Outlook or forwarding the message as an attachment to infosecurity@tru.ca.
- Please complete the mandatory Information Security Awareness training. Watch for upcoming sessions or request training from infosecurity@tru.ca.
- Learn some tips on how to spot scam emails in IT’s blog post on a recent DocuSign phishing scam.
