Please beware of recent phishing emails circulating on campus that appear to be from our President in which you are asked to purchase gift cards. These messages are NOT from the President of the university.

If you receive a suspicious message, do not click on any links and do not reply.

See an example of this phish below. Note two things that expose it as a phishing attempt:

  1. The email address beside the name. This does not come from a Carleton University address. On a mobile device the email address may not be immediately visible. Most devices have an option to show the address, such as tapping and holding on the name, or tapping on view details.
  2. The [External Message] tag. This indicates that the email originated from outside of the university’s email systems.

How can you tell if an email that appears to be from Carleton is a scam?

  • The email has an [External Email] tag.
  • It has a non-Carleton address beside the name.
  • The subject line is in all caps and the email is filled with grammatical errors.
  • The sender asks you for money or some form of payment.
  • The message attempts to create a sense of urgency.
  • The email asks you for your password or directs you to a webform asking for your password, or other personal information.

When in doubt, use another form of communication (i.e. telephone call or messaging application) to confirm the message authenticity

If you suspect you may be a victim of a phishing campaign, please change your password immediately and report it to the ITS Service Desk at 613-520-3700.

Please visit  IT security web page for more tips on protecting yourself online.

October is Cyber Security Awareness Month – Get Cyber Safe!