The York College Community experiences cyber attacks via Phishing emails on a frequent basis. One type of Phishing Email come as emails to administrative staff members claiming to be from employees asking to change their direct deposit information for the next payroll. While many attacks have been recognized and stopped, one was successful in deceiving YCP staff members into changing the direct deposit information for one employee and resulted in that person’s direct deposit being sent to the attacker’s bank account.

Hackers recognize that employees at many higher education institutions are currently in the midst of work environment changes brought on by COVID-19 and are looking to take advantage of the confusion and extra workload that it has caused. Please be vigilant and remain suspicious of all emails that ask you to click a link, change an employee or student record, or send money or gift cards.

Spot a phishing email

  • Mismatched Email Address - Ensure that the email address displayed in the “From:” field matches the sender’s name and email address. All employees should be using their YCP email address to communicate with other employees, not a personal address.
  • Urgent Request - Phishing attacks will attempt to rush you into taking action before you can verify the request. They will appear to come from a person or department with authority, such as Human Resources, the president or a dean.
  • Bad Spelling or Grammar - Phishing messages are known for containing misspellings or poor grammar
  • Generic Signature Line - Emails from YCP employees usually have a signature line at the bottom with a name you can verify and valid contact information.
  • Unexpected Request - Demands for employee or student information or requests to purchase gift cards.

If you receive a suspicious email...

  • Verify the Request - Look up the sender in the employee directory and ask them if their request is valid.
  • Contact us - Forward the email to and let us know if you took any action based on the email or provided any information.
  • Delete the Message - Once forwarded, we'll have what we need to investigate.