Faculty, staff and students are being asked to be on alert for any possible phishing emails requesting UBC credentials.
The UBC Integrated Service Centre and the UBC Cybersecurity team have identified a sophisticated phishing website designed to closely mimic the UBC CWL authentication site and UBC Workday system. The site appears to be created to capture CWL user credentials.
We are reminding all members of the UBC community to be vigilant and suspicious of any email that asks you to click on links that require you to enter your UBC credentials. If you receive an email asking you to log in to Workday or any other system at UBC, please note the following:
- Emails received from senders outside UBC will usually have a yellow banner stating [CAUTION: Non-UBC Email] at the top. If you receive an email requesting you to log in to a UBC system, and that email has a yellow banner, it means it is not from UBC and you should report the email to UBC Cybersecurity immediately at security@ubc.ca
- Always take a moment to verify the legitimacy of any link before clicking. If you receive an email requesting you to log in to a UBC system, the safest approach is to navigate to the system log in page via trusted UBC sources and websites, rather than clicking on links embedded in the email.
- The correct UBC Workday URL is hxxps://myworkday.ubc.ca which will take you to the official CWL login URL for Workday starting with hxxps://authentication.ubc.ca
- Please check any email claiming to be from Workday to ensure that the URL matches exactly. If you receive a new or unfamiliar email notification that asks you to log in to Workday (especially if it conveys a sense of urgency or requires you to enter personal details), and you cannot navigate to the site via other means, double-check the URL to ensure it is a trusted UBC website.
- If you encounter anything suspicious or you have accidentally provided your credentials, please report this immediately to UBC Cybersecurity at security@ubc.ca
For more information, please review our resources on phishing emails here: hxxps://privacymatters.ubc.ca/phishing-emails
Thank you for your continued attention to cybersecurity and for helping to protect the UBC community.
Jennifer Burns
Associate Vice-President, Information Technology
Chief Information Officer
Don Thompson
Chief Information Security Officer
This message was sent to faculty, staff and students in Vancouver and the Okanagan.
UBC Broadcast is used to communicate time sensitive, organization-wide information to faculty, staff and students. Learn more