Cybersecurity Awareness Month: Strengthening Your Login Security

Monday, October 16, 2017
Cybersecurity Awareness Month: Have you been phished?
To: All faculty and staff
In a previous Ryerson test, 20 per cent of people were tricked into clicking a malicious link in an email. In our current campaign, we’ve started to send out fake phishing emails and another is on the way - did you spot and report them?

Chances to win a $200 gift card
We're so keen for you to learn about your impact on cybersecurity that we're giving away 5 gift cards of $200!
Here’s what you need to do for a chance to win:
- During October, report at least three Ryerson test phishing emails to spamrec@torontomu.ca, and
- Don’t click on suspicious links or open attachments in more than three of these emails.
Find the full contest details.

“I don’t open emails anymore, so I’m safe.”
Remember - it’s generally safe to open emails but clicking links and downloading attachments can be risky. Leaving emails unopened can help, but you may miss important messages, for example, from us! Instead, familiarize yourself with how to spot the malicious ones.
Your phish-spotting cheat sheet: Common traits of phishing emails
Check out our easy tips on how to spot phishing emails, report them and make one of those $200 gift cards yours.
- The sender's address is suspicious.
- The "To" field is blank or for another person.
- The email includes typos or grammatical errors.
- The message contains an urgent request for personal information.
- The message requires immediate action to avoid a problem like losing access to your Ryerson account.
- When you hover over a link or button in the email, it directs you to an address (usually suspicious) unrelated to the text in the link.
We've provided some samples to help you detect phishing emails. Many of these examples are derived from actual phishing emails that were sent to Ryerson email addresses. The links in these examples have been slightly modified to make them less dangerous but please don't attempt to visit these sites!
Suspicious senders
Here is an example of an email that claims to be from FedEx where the actual address is from specweldfab.revitalsite.comabc.
It’s always worth taking a moment to carefully check the full email address of the sender.
Urgent requests for personal information
Here’s an example of an urgent request:
This fake message includes tell-tale grammatical errors and demands you take action to avoid losing access to your account.
Suspicious links
Hovering over a link with your mouse and carefully checking the URL is one of the best ways to detect a phishing email. If you are using a tablet or smartphone, carefully press and hold the link, rather than tap, to reveal the true URL. Here's an example of a link that goes to a fake Ryerson login page hosted on a server in another country.
If you hover over the link without clicking you will see a very long URL (it may appear in the bottom-left of your browser) like this:
It may remind you of what you see in the location field of your browser when you log into the my.ryerson.ca portal - but it is not the same. Here is the valid address that you see when you log in to my.ryerson.ca:
https://cas.ryerson.ca/login?service=https%3A%2F%2Fmy.ryerson.ca%2FLogin
Aside from the fact that the fake link is longer, how can you tell which one is a link to a server at Ryerson and which one is not?
- In the legitimate URL, the hostname cas.ryerson.ca is followed directly by a forward slash: cas.ryerson.ca/
- Another giveaway is that the fake URL starts with http:// while the valid one starts with https://. Ryerson login pages will always start with the secure https://
Think that was too easy?
Here is a fake URL that has been well-crafted to look like a Ryerson address:
https://cas-ryerson.com/login?service=https%3A%2F%3Fmy.ryerson.ca%2FLogin
Notice how a hyphen has replaced the dot and the hostname ends in .com instead of .ca.
If you aren't sure about a link, type a link that you know is correct like my.ryerson.ca or fedex.com into the location bar of your browser instead of clicking.
What about Google Apps links?
The Ryerson community makes extensive use of Google Apps including Drive, Calendar, and Groups. The URLs for these applications can be very long but they all start with a hostname that ends with .google.com:
The hostname always ends before the first forward slash with .google.com/
Some attackers have used personal Google accounts and Google Forms to try to get people to "login" to a Google Form. This is relatively easy to spot because Google Forms don't look like Ryerson's or Google's login screens. Google has even added a warning at the bottom of every Google Form that says: "Never submit passwords through Google Forms."
Report a phishing email
- Forward the email to spamrec@torontomu.ca. (If you know how to forward the complete headers of the email, please include them.)
- Delete the email from your mailbox without clicking on any hyperlinks or attachments.
Questions?
Visit the Cybersecurity Awareness Month campaign page for more on building your online self-defence and for chances to win prizes.
If you have further questions, please contact the Computing and Communications Services Help Desk at help@torontomu.ca or 416-979-5300, ext. 556806.

Monday, October 16, 2017
Cybersecurity Awareness Month: Have you been phished?
To: All students
In a previous Ryerson test, 20 per cent of people were tricked into clicking a malicious link in an email. In our current campaign, we’ve started to send out fake phishing emails and another is on the way - did you spot and report them?

Chances to win a $200 gift card
We're so keen for you to learn about your impact on cybersecurity that we're giving away 5 gift cards of $200!
Here’s what you need to do for a chance to win:
- During October, report at least three Ryerson test phishing emails to spamrec@torontomu.ca, and
- Don’t click on suspicious links or open attachments in more than three of these emails.
Find the full contest details.

“I don’t open emails anymore, so I’m safe.”
Remember - it’s generally safe to open emails but clicking links and downloading attachments can be risky. Leaving emails unopened can help, but you may miss important messages, for example, from us! Instead, familiarize yourself with how to spot the malicious ones.
Your phish-spotting cheat sheet: Common traits of phishing emails
Check out our easy tips on how to spot phishing emails, report them and make one of those $200 gift cards yours.
- The sender's address is suspicious.
- The "To" field is blank or for another person.
- The email includes typos or grammatical errors.
- The message contains an urgent request for personal information.
- The message requires immediate action to avoid a problem like losing access to your Ryerson account.
- When you hover over a link or button in the email, it directs you to an address (usually suspicious) unrelated to the text in the link.
We've provided some samples to help you detect phishing emails. Many of these examples are derived from actual phishing emails that were sent to Ryerson email addresses. The links in these examples have been slightly modified to make them less dangerous but please don't attempt to visit these sites!
Suspicious senders
Here is an example of an email that claims to be from FedEx where the actual address is from specweldfab.revitalsite.comabc.
It’s always worth taking a moment to carefully check the full email address of the sender.
Urgent requests for personal information
Here’s an example of an urgent request:
This fake message includes tell-tale grammatical errors and demands you take action to avoid losing access to your account.
Suspicious links
Hovering over a link with your mouse and carefully checking the URL is one of the best ways to detect a phishing email. If you are using a tablet or smartphone, carefully press and hold the link, rather than tap, to reveal the true URL. Here's an example of a link that goes to a fake Ryerson login page hosted on a server in another country.
If you hover over the link without clicking you will see a very long URL (it may appear in the bottom-left of your browser) like this:
It may remind you of what you see in the location field of your browser when you log into the my.ryerson.ca portal - but it is not the same. Here is the valid address that you see when you log in to my.ryerson.ca:
https://cas.ryerson.ca/login?service=https%3A%2F%2Fmy.ryerson.ca%2FLogin
Aside from the fact that the fake link is longer, how can you tell which one is a link to a server at Ryerson and which one is not?
- In the legitimate URL, the hostname cas.ryerson.ca is followed directly by a forward slash: cas.ryerson.ca/
- Another giveaway is that the fake URL starts with http:// while the valid one starts with https://. Ryerson login pages will always start with the secure https://
Think that was too easy?
Here is a fake URL that has been well-crafted to look like a Ryerson address:
https://cas-ryerson.com/login?service=https%3A%2F%3Fmy.ryerson.ca%2FLogin
Notice how a hyphen has replaced the dot and the hostname ends in .com instead of .ca.
If you aren't sure about a link, type a link that you know is correct like my.ryerson.ca or fedex.com into the location bar of your browser instead of clicking.
What about Google Apps links?
The Ryerson community makes extensive use of Google Apps including Drive, Calendar, and Groups. The URLs for these applications can be very long but they all start with a hostname that ends with .google.com:
The hostname always ends before the first forward slash with .google.com/
Some attackers have used personal Google accounts and Google Forms to try to get people to "login" to a Google Form. This is relatively easy to spot because Google Forms don't look like Ryerson's or Google's login screens. Google has even added a warning at the bottom of every Google Form that says: "Never submit passwords through Google Forms."
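The hostname checks described under "Suspicious links" and "What about Google Apps links?", as an added example that is not part of the original message: it parses each link the way a browser does and compares only the hostname, at a dot boundary, against a trusted list. `TRUSTED_SUFFIXES`, `checkLink`, `auditLinks` and the `example.net` and `drive.google.com` sample links are assumptions made for illustration.

```javascript
// Added example, not Ryerson's own tooling.
// Assumption: the trusted domains are the two the message names.
const TRUSTED_SUFFIXES = ["ryerson.ca", "google.com"];

// Match only on a dot boundary, so "cas-ryerson.com" and
// "cas.ryerson.ca.example.net" do not count as "ryerson.ca".
function hostMatches(host, suffix) {
  return host === suffix || host.endsWith("." + suffix);
}

// Returns the parsed hostname, a verdict, and the reasons for distrust.
function checkLink(href) {
  let url;
  try {
    url = new URL(href); // same parser family browsers use
  } catch {
    return { host: null, trusted: false, reasons: ["not a full URL"] };
  }
  // The hostname ends before the first "/"; path and query are ignored,
  // so "my.ryerson.ca" inside ?service=... cannot influence the verdict.
  const host = url.hostname.replace(/\.$/, ""); // drop a trailing dot
  const reasons = [];
  if (url.protocol !== "https:") reasons.push("scheme is not https");
  if (!TRUSTED_SUFFIXES.some((s) => hostMatches(host, s))) {
    reasons.push("hostname outside trusted domains");
  }
  return { host, trusted: reasons.length === 0, reasons };
}

// The first two links are quoted from the message; the rest are constructed.
const SAMPLE_LINKS = [
  "https://cas.ryerson.ca/login?service=https%3A%2F%2Fmy.ryerson.ca%2FLogin",
  "https://cas-ryerson.com/login?service=https%3A%2F%3Fmy.ryerson.ca%2FLogin",
  "http://cas.ryerson.ca.example.net/login", // constructed lookalike
  "https://drive.google.com/drive/my-drive", // constructed Google Apps link
];

function auditLinks(links) {
  return links.map((href) => ({ href, ...checkLink(href) }));
}

for (const r of auditLinks(SAMPLE_LINKS)) {
  const verdict = r.trusted ? "ok" : "SUSPICIOUS: " + r.reasons.join("; ");
  console.log(`${r.host} -> ${verdict}`);
}
```

A passing hostname only shows where the link goes: a Google Form on a google.com hostname would pass this check and is still not a login page.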
Report a phishing email
- Forward the email to spamrec@torontomu.ca. (If you know how to forward the complete headers of the email, please include them.)
- Delete the email from your mailbox without clicking on any hyperlinks or attachments.
Questions?
Visit the Cybersecurity Awareness Month campaign page for more on building your online self-defence and for chances to win prizes.
If you have further questions, please contact the Computing and Communications Services Help Desk at help@torontomu.ca or 416-979-5300, ext. 556840.