UBC issues warning about OneClass phishing attempts

The OneClass Chrome extension, installed by students, has been sending spam promotion emails via Connect to students for the past month. The extension has the ability to collect any personal information — including CWL credentials entered using Chrome.

On November 24, UBC students from a number of courses such as CPSC 221 and POLI 101 received a spam email from do-not-reply@it.ubc.ca, encouraging them to sign up for OneClass, on a subthread called “OneClass Referral Email from do-not-reply@it.ubc.ca” on the UBC Reddit.

The email read, “Hey guys, I just found some really helpful notes for the upcoming exams for UBC courses at [URL].  I highly recommend signing up for an account now that way your first download is free!

This is not the first incident of OneClass spam emails. Students in the Class of 2020 Facebook group have reported receiving spam emails from OneClass in September as well.

These breaches have raised heated disputes over privacy and security issues regarding UBC servers.

“They’re obviously using shady marketing tactics and this time they went too far. This wasn't a misguided UBC student, it was literal abuse on behalf of the corporation,” said Reddit user “Kinost” on the thread. 

On November 2, The Ubyssey first reached out to UBC Information Technology (IT). “At this point, all I can share is that yes, an issue was identified and the university has taken steps to ensure it cannot happen again,” said Lida Mosadegh, communications manager at UBC IT. 

UBC IT has decided not to comment further.

“UBC has no affiliation with OneClass nor does it allow the use of this software under Policy #104 – Acceptable Use and Security of UBC Electronic Information and Systems,” stated the latest update about this issue on the UBC IT Bulletins

With that update, UBC IT advises any students who have installed the OneClass Chrome extension to delete it and reset their CWL password, as well as any other passwords they entered while using Chrome. 

“There is significant risk for identity theft if the OneClass Chrome extension is not immediately uninstalled followed by the student changing all of their affected passwords,” said the update.

“This issue has affected universities across North America. UBC is working on the issue with other Canadian institutions affected,” said Matthew Ramsey of UBC public affairs in an emailed statement.

UBC has since sent out a warning email urging students not to click the links or download anything mentioned in the email, as well as a set of precautionary steps that students who already did so should take to prevent compromising their systems.

The email that UBC sent out warning students of the OneClass extension.
The email that UBC sent out warning students of the OneClass extension. Screenshot courtesy UBC email

OneClass could not be reached for comment.