IT would like to remind staff to use caution when opening email from unknown senders. The College was recently targeted with a number of phishing email messages sent from an account impersonating the Langara IT Service Desk.
Phishing is the attempt to acquire sensitive information such as usernames, passwords, or credit card details by masquerading as a trustworthy person.
Users were asked to click on a link to log into a website owned by hackers. After entering the user id and password, employee email accounts were compromised.
Below are some tips to help identify a suspicious email.
- Look at the sending address of the email (not the display name)
When looking at email, don’t rely on the display name of the sender - look at the real sending address. If it’s from Langara, it should come from @langara.bc.ca or @langara.ca. - Check the Reply-to address (if it exists)
SPAM or phishing emails often redirect replies to another email address. If the reply-to address does not use the same domain as the sending address, chances are this email was not genuine. - Always look for the lock symbol and https:// in the address of a website
When logging into a website, always look for the lock symbol and https:// ( not http:// ) to make sure the page is secure (uses a security certificate) before entering any passwords. - Check the URL of the website
Langara websites end in a Langara domain, such as “www.langara.ca/” or “d2l.langara.bc.ca/”. For example, “langarahelpdesk-2383823.co.nf/” is not a website associated with Langara College.
You can find out more about Cyber Security in our AskIT Knowledge base. If you have any questions or are unsure about an email, please submit a ticket using our Cybersecurity service on AskIT.