A few colleagues at other Canadian universities are warning about recent phishing emails that were sent out to their staff…  What made these ones different was that the people who setup the scam actually did some research before they sent out the emails.  When they sent the email, it used local terminology, the website looked and was themed exactly like their own REAL institutional pages, and the email claimed to be from real user names of IT staff (gleaned from an online phone book, or other online resources).

As it turns out, as soon as an account was compromised through this phishing scam, a deluge of SPAM was delivered through the University’s email system, resulting in them being added to a number of realtime blacklists (RBLs).

While we are sure most of our staff and students are getting pretty good at spotting phishing emails, we also believe that the bar is being raised pretty substantially.  We think, considering the VERY significant impact that it would have for us to be placed on multiple RBLs (effectively stopping us from delivering email to many of our students/prospects/associates), that we felt this warning should be taken seriously enough to warn everyone.

As always, please do not click on unsolicited links, even from Computer Services.  If you receive an unsolicited email from ANYONE that asks you to go to a web site, click on a link, or open an attachment, always contact the sender to verify its validity.

All Royal Roads websites use the .Royalroads.ca domain.  Anything that has a domain other then that like .Royalroads.university.rc should be avoided.

If you ever suspect that you might have been duped, please contact Computer Services IMMEDIATELY by phone at 250-391-2659 or 1-866-808-5429.  You might feel embarrassed, but we could prevent further damage if we are able to respond quickly.  Also remember that you won't be the first person to be fooled, and won't be the last one either.