Removal of Phishing Message from Queen's Mailboxes - 200911 Archived
On Friday, September 11th, 2020 a number of malicious emails were sent to members of the Queen's community. In keeping with the Electronic Information Security Policy, these messages are being removed from all mailboxes using an automated feature in Office 365.

Please delete the message manually from your mailbox if you have received a copy.

If you are not using an Office 365 mailbox or forward your mail outside of Office 365, ITS is not able to automatically remove the malicious message.

If you received this message, clicked the link and entered your credentials, please securely change your NetID password immediately.

If you have any questions please contact the IT Support Centre at x36666.

We have provided part of the removed message for your reference at the bottom of this email. Most of the messages are replies to older messages but the message content is similar to the following samples:

---------------------------------------------------------------
BEGINNING OF REMOVED MESSAGE Example 1
Hi!
This is about our last dialogue. The contract has been updated, please check.
[LINK REMOVED]
Personal password: 1314
END OF REMOVED MESSAGE

or

BEGINNING OF REMOVED MESSAGE Example 2
Good afternoon!
It is on the topic of our recent conversation. I have made some edits. Please check:
[LINK REMOVED]
File password: 1314

END OF REMOVED MESSAGE

or

BEGINNING OF REMOVED MESSAGE Example 3

Hello!
This is about our last dialogue. Check out my presentation, please.
[LINK REMOVED]
Your password: 1314
END OF REMOVED MESSAGE