Skip to McMaster Navigation Skip to Site Navigation Skip to main content
McMaster logo

Office of the AVP & CTO




Phishing is a type of online attack in which an attacker — using both technological and psychological tactics — sends one or more individuals an unsolicited email, social media post, or instant message designed to trick the recipient into revealing sensitive information or downloading malware.  

 Phishing attacks can be generic or customized, and can target both individuals and entire organizations. Attacks that target a specific individual or organization are commonly referred to as spear phishing attacks.  

The main goal of a phishing attack is to get the individual to do something that compromises the security of their system and/or potentially their organization. To stop attackers achieving this, when you receive a suspicious email: 

  • DO NOT open email attachments that contain malware
  • DO NOT click on a link that leads to a fake website or page that installs malware
  • DO NOT enter user names and passwords or other sensitive information on a fake website
  • DO NOT reply to phishing emails with confidential information such as login credentials

If you do fall victim to a phishing scam, do not be embarrassed. Report any and all suspicious email messages to

If you have opened any suspicious emails, links or attachments please report it to the UTS Service Desk.

Complete the McMaster UTS Phishing Course on Avenue to Learn:

Information Box Group