Phishing, social engineering attacks ramp up over holiday season

Phishing, social engineering attacks ramp up over holiday season

December 16, 2021


As campus is now in one of its busiest times of the year, hackers and cyber criminals are increasing their efforts to gain unauthorized access to your accounts. Scams may arrive as email, text, phone, and social media messages. They are continually adapted to target university communities through phishing, gift card scams, phony holiday invitations and messages, and fraudulent offers for seasonal employment.

Email scams can originate from on-campus email accounts that have been compromised, or off-campus accounts that pose as legitimate Queen's (or other business) correspondence. Other scams, such as text messages, social media, and telephone scams, can come from names and numbers that you recognize (called “spoofing”). For example, someone might pose as Information Technology Services alerting you that your account will be closed if you don't immediately act.

How do I know if it’s phishing?

Remember, it is likely a phishing attempt if:

  • You are unsure of the source of a message
  • You do not recognize the sender
  • You are not expecting a message from that sender
  • You do not know what the message is referring to, or;
  • You do not recognize a link or attachment

What should I do?

If you are suspicious of a message, please do not click on any links or attachments included within the message. You should always navigate directly to a website's login page from your internet browser and not via email links.

If you feel an email might be suspicious, it is better to be cautious and report the email to Queen’s email team for further investigation. There is no harm in reporting an email even if it turns out to be legitimate.