Skip to main content

Protect yourself against malicious spam

As online threats multiply, here's how to be vigilant about unsolicited emails
May 17, 2017
By Jesse Coady

Emails claiming to be from a trusted institution such as your bank could be an attempt to defraud you. Emails claiming to be from a trusted institution such as your bank could be an attempt to defraud you.

Most of us are familiar with spam — unsolicited emails are a ubiquitous online nuisance. They’re usually not too vexing, however, thanks to the filters in our inboxes.

But as the threats to our online safety evolve, so too does the security problem posed by spam. Phishing scams, for example, are attempts by hackers to fool recipients into providing sensitive personal information.

North American security firms agree that the majority of online attacks involving malicious software or malware are the result of phishing scams. Ransomware for example, is a nefarious form of malware often derived from phishing emails, which blocks users from accessing their computers or files until a ransom is paid.

“Such attacks are part of the spectrum of malicious spam,” says Michel Robitaille, director of IT Architecture, Security and Planning at Concordia.

“This type of spam embeds malware script in attached documents or hyperlinks. This could be a Microsoft Word document, a spreadsheet, a java applet, an exe file or even a link in an SMS message.”

The malware compromises your computer and provides hackers with access to your data.

Presently, Concordia has existing servers that filter through all incoming email. According to a report generated by IITS, 54 percent of last year’s incoming 99,657,120 emails were identified as spam. Hackers however, are becoming increasingly competent in finding ways to evade our filters. 

Given the greater prevalence of online threats today, students, staff and faculty should be increasingly careful around spam.

Here are some key tips for staying secure:

  • Do not open or reply to unsolicited emails. Users should display the email header of a suspicious message to determine if the actual email address is the same as the one displayed.

    “Don’t reply by email, SMS or social media to any notices, whether they’re related to credit, bank, delivery, payment, computer corruption or tech support offers,” Robitaille adds.

  • Never give out personal information via email. A request for personal information from a trusted institution such as your bank or a payment system could be a sophisticated attempt by a hacker to defraud you. Institutions, companies and even Concordia will never request personal information by email. You should contact the institution directly by phone to ascertain the legitimacy of such messages. 

  • Don’t open attachments or links in emails. Links created by hackers will re-direct you to sites that will download malware on your computer. Always ascertain the written address of a hyperlink before clicking on it.


To report a suspicious email, contact the Concordia Service Desk.

Students can download free Sophos anti-virus software by visiting the MyConcordia Portal and selecting “Software and Applications.”


Back to top

© Concordia University