Phishing attack targets MAC ID holders


To all holders of a MAC ID:

Over the past week McMaster has been the target of a highly sophisticated phishing attack attempting to gather Mosaic log-in credentials. Victims receive an email advising them that their Mosaic access will expire unless they log in to Mosaic and activate their account. The email includes a link that takes victims to a website that is a copy of the Mosaic login page. Their username and password are stolen and the victim has no way of knowing the theft has happened.

How to defend yourself and McMaster

In the short-term, be extra vigilant and skeptical of all email messages containing hyperlinks.

  • Carefully examine all links before clicking/following
  • Be aware that the title or URL for a link may appear correct but the link behind it is in fact a different URL. If you hover your cursor over the link, the real URL should appear.
  • Always look for mcmaster.ca/ ,or at least .ca/ URL when accessing McMaster or Canadian websites. There should only ever be a “/” directly after the .ca. If there is anything else — such as a period “.” — then it is likely malicious.
  • A malicious URL may be different by only one or two characters
  • If you think you have been compromised, contact the UTS Service Desk (905-525-9140 ext. 24357) immediately

The recent attacks

Fortunately on each occasion sharp-eyed employees have noticed a small difference between the URL in the phishing email and the real URL. These observant employees contacted the UTS Service Desk and IT Security was able to intervene quickly.

Contact

UTS Service Desk

Phone: 905-525-9140 x24357 (2HELP)
uts@mcmaster.ca
Location: Main Campus BSB Rm. 245

UTS IT Security (P.S. make sure to hover your cursor over this link and confirm that it is a mcmaster.ca URL before following it.)