During these extraordinary times when the reliance on working and studying remotely has increased greatly, so too has the number of phishing messages.

ITS wants to remind all members of the Carleton community to be extra vigilant with any email messages you receive, or any websites that you visit.

Phishing attempts can be made to look like the message came from a colleague, supervisor, manager or other university official. They can be made to look like a meeting or video conferencing request, an invoice or other document, an offer for services, or a call for help or assistance.

How can you tell if emails or online posts are scams?

  • If the email appears to come from someone at the university, but has an [External Email] tag, it may be a phishing message.
  • The sender asks to send money/or other form of money such as Bitcoin, gift cards, cheques, etc.
  • Asks you for your password or directs you to a webform asking for your password
  • The subject line is in all caps
  • There is a call for immediate action – “download this now” or “confirm your email identity now” or “Action  Required:
  • deposit your money, Start Claim” or “click on the link below”
  • There are spelling or grammatical errors in the email
  • if you respond to phishing messages, you may be asked to purchase gift cards or bitcoins for the individual.  Do not send gift cards or other monies, and do not reply or respond to the message or engage with the individual.

If you have already responded to a phishing email, please contact the ITS Service Desk immediately.