A recent phishing attempt on January 23, 2017 from "Web Master" with the subject line "Your account Queen's University Expired 23.01.2017,Update Before Deleted" indicated that the user's account certificate was about to expire and that they would need to either click or copy and paste a link to verify their credentials.

If you provide identifying information such as your NetID and password, your email address can be used to spam other email accounts or this information may be used to steal your identity and use your personal information.

To see a screenshot of the phishing email in question, please see the Phishing Samples page on the ITS website. This page outlines the details of how the email was identified as a phishing attempt. Departments and users are encouraged to discuss phishing and other social engineering tactics that are being received within their units. User education and behaviour is the best line of defense against successful attacks.

If you have received a phishing message requesting your NetID and password, please forward it to abuse@queensu.ca. ITS will never ask you to click a link to verify your NetID. If you have clicked on a link and entered your NetID password, you should change your password immediately and contact the IT Support Centre by calling 613-533-6666 or by filling in the Online Help Form (http://www.queensu.ca/its/helpform) for assistance.