Please be advised of an identified phishing email campaign targeting Carleton faculty and staff.  The scam could appear to be from Human Resources. The emails may look legitimate or include familiar information related to Carleton University. The attackers are trying to trick our users and get them engaged in discussions.

These emails include attachments that are malicious and should not be opened.

If you have received such an email, please delete the message without opening the attached files. If you have opened the email and the attachments, please disconnect your computer from the network and contact the ITS Service Desk or your departmental computer support for assistance.

How can you tell if an email or online post is a scam? 


  • Appears to come from someone at the University, but has an [external email] tag
  • Requires a fee to apply for a job or asks you to send money – Bitcoin, gift card, cheque, etc.
  • Requests your password or directs you to a webform asking for your password
  • Has an immediate action such as “download this now” or “click on the link below”
  • Tries to invoke an emotional response to get you to take an action without thinking
  • Is filled with spelling and grammatical errors

For more information on scams and how to protect yourself, visit the Canadian Anti-Fraud Centre.

Contact the ITS Service Desk at:
Phone: 613-520-3700