Carnegie Mellon University

Report Concerns

Concern Type Required Action(s)

Suspect a computer you use for University related work or study is:

  • Compromised (un-authorized interactive access)
  • Infected by viruses, worms, or other malware
  • Attacking other systems
  • Mis-configured leading to security vulnerability or negative impact on University computing infrastructure

1. Follow the Procedure for Responding to a Compromised Computer

2. Email or call the ISO at (412) 268-2044.

Reporting an email scam or phishing attempt 

Email or call ISO at (412) 268-2044 and include:

or use the PhishAlarm Report Phish button

If you clicked on a phishing email link or attachment, follow the Procedure for Responding to a Compromised Computer

If you believe that you have been phished, follow the instructions for I Might Have Been Phished, What Do I Do?

If you report a phishing message and receive an error/bounceback, it may be because ISO is aware of the malicious message and has already put safeguards in place.

Reporting theft of a computer used for University related work or study

1. Report the theft to University Police

2. Email including relevant:

  • registered hostname(s)
  • physical (MAC) address
  • last time used on campus network pre-theft

Reporting electronic harassment involving a University affiliate OR a computer used for University work or study

File a complaint with University Police

Reporting a Digital Millennium Copyright Act (DMCA) violation 


Carnegie Mellon University Ethics Reporting Hotline

The hotline is NOT an emergency service.  For emergencies, call University Police at 412-268-2323 or 911.

Toll Free:1-877-700-7050

Via the Internet: (Username: tartans; Password: plaid)

Advisory Notification:  Note that the Information Security Office (ISO) may use email to alert you to an advisory situation; however, we will NEVER send attachments in e-mail messages as part of the initial notification. As a general rule, if you are in doubt about a message do not open it!