Main navigation

News

Phishing Alert: Staff and Student Employment

Published: 10 December 2025

A phishing email is circulating among the McGill community. See details below. If you receive it, please do not interact with it.

If you have already filled out the Google Form associated with this email and submitted personal and financial information, including your McGill password

Call the IT Service Desk at (514) 398-3398.

Change your McGill Password immediately.

Follow the McGill Password Reset Checklist.
Immediately contact your bank(s), following these instructions: I interacted with a phish or downloaded a suspicious file.

Example of the phishing email:

From/Alleged Sender: Multiple Gmail accounts were used.

Subject of Message:

STAFF AND STUDENT EMPLOYMENT

Additional phishing emails may use variations of this subject line, including:

CONTEST STUDENT OPPORTUNITY
STUDENT OPPORTUNITY

Description of the Attack:

A phishing email is circulating, asking you to take the following action(s):

Download/Open a file
Click a link that brings you to fill a Google form

The Google form is a fraudulent attempt to collect personal and financial information while masquerading as a job offer as a personal assistant.

Providing the requested information to the attacker could lead to financial fraud, and your McGill account being compromised.

Key Awareness Information:

When you find suspicious emails in your Inbox, report them immediately by using the Report Phishing button in Outlook.

Never click on a link, file share, or open attachments from someone you don't recognize or if you're not expecting the message – people you know can be “spoofed” by attackers or could have their accounts compromised.

If you previously noticed an email or message but can’t find it anymore, it was likely already removed from your McGill mailbox or Teams chats as part of our continuous efforts to protect the McGill community from attacks.