How can I differentiate between legitimate notices from U of T and possible phishing emails?

While the Digital Workplace will be sending out legitimate notices to community members regarding their email accounts, it is important to remember that malicious actors often disguise fraudulent emails as email upgrade notices. For this reason, please note that legitimate UTORmail end of service notices will always meet the following criteria:  

  • Notices will be sent from a U of T departmental utoronto.ca email address, a U of T listserv or your local IT staff (if applicable).  
  • Notices will indicate which unit or department of the University you can contact for more information.  
  • Notices will NOT ask you to upgrade an eligible email account by:  
      • Responding to an unsolicited email with personal information.  
      • Opening an email attachment.  
      • Clicking on a button embedded in an email, or a link in an email that conceals its destination (such as links that say “click here“).  
      • Sending a text/SMS message. 

If you receive an end of service notice that does not meet these criteria, do not respond to it or click on any links it contains. Forward it on to the Information Security team at report.phishing@utoronto.ca and then delete the emailReminder: The University of Toronto will NEVER ask you to divulge your passwords to its staff in order to gain access to systems.

For more information on phishing and protecting yourself online, please see Information Security’s Security Matters website.

This entry was posted in . Bookmark the permalink.