Cybersecurity related to the Canvas incident

Report a suspicious email

The 2026 Canvas incident calls for extra caution around social engineering and phishing attempts.

Phishing is a type of fraudulent communication that tries to get the recipient to click a malicious link, call a scammer’s phone number, enter password credentials or send money.

To ensure the continued security of your personal information and following best practices, we advise you to update your account password at your earliest convenience.

Examples of phishing attempts you may see

  • Fake security alerts/urgent password reset requests: Log directly into Canvas to check access and view any notifications on the application. If you’re unable to access Canvas, visit the NetID center at https://identity.uillinois.edu to manage your password, MFA and account recovery options.
  • Ransomware or extortion scams: Do not click any links. Report the scam to university cybersecurity using the instructions in the Answers KnowledgeBase.
  • Impersonation attempts: Do not respond to anyone (e.g., instructor, Instructure (Canvas’ parent company), etc.) asking for your personal information, account information, or credentials or click on links. If you are concerned, verify with a reliable resource using a known phone number, website, or known email address.
  • Fake assignment links: Log directly into Canvas to review assignments.
  • Fake grade notices: Rather thank clicking the link, log directly into Canvas to review grades.

To avoid being phished

  • Secure your password: Keep your password private.
  • Slow down: don’t let urgency push you into a hasty click. Read carefully. If a message contains an emotional appeal, like a threat intended to scare you or a plea for help, it may be a scam.
  • Hover before you click: hovering over a link reveals the real destination URL. Only click on or download email attachments from people or companies you know.
  • Don’t click on unfamiliar links: Visit official company websites by typing their URL (website address) directly into a browser.
  • Don’t reply: Don’t reply directly to a suspicious message or use the contact information it provides. Follow up using a different, trusted means of communication, like calling a verified number, starting a new message thread to a known address or visiting a valid website.
  • When in doubt, delete it: it’s always safer to ignore a suspicious message

If you think your account has been compromised, email security@illinois.edu.

Technology Services
1211 Digital Computer Lab
1304 W. Springfield Ave.
Urbana, IL 61801
Email: consult@illinois.edu
Office of the Chief Information Officer
Privacy Statement