ITS has received reports of phishing and malware-related emails targeting the Carleton community. These messages include an attachment, most often a Zip file that contains a Microsoft Word, or Microsoft Excel Document. When opened, this Microsoft Office document will prompt you to enable Macros in order to properly view the message, but will infect your computer with malware. These emails could appear to be from someone you know, or could be impersonating another member of the community.
The prompt to Enable Macros differs between Microsoft Office applications and versions, but may look like the one below.
If you receive emails with attachments, please be cautious and do not open the attachment if you do not know the sender. If you are not expecting an attachment from the sender we would suggest you reach out separately to the sender to confirm that it is legitimate.
If you have opened attachments that prompt you to enable macros, please disconnect your computer from the network and immediately contact the ITS Service Desk or your departmental computer support for assistance.
How can you tell if an email or online post is a scam?
- Appears to come from someone at the University, but has an [External Email] tag
- Requires a fee to apply for a job or asks you to send money, Bitcoin, gift card, cheques, etc.
- Requests your password or directs you to a webform asking for your password
- Has an immediate action such as “download this now” or “click on the link below”?
- Tries to invoke an emotional response to get you to take an action without thinking
- Is filled with spelling and grammatical errors
For more information on scams and how to protect yourself, visit the Canadian Anti-Fraud Centre .
Contact the ITS Service Desk: