Columbia University Enterprise Risk Management Email – Scam or Legit?

Photo of author

Written by: Lapain Epuran

Published on:

Have you recently received an email claiming you were accepted into Columbia University’s Enterprise Risk Management (ERM) program? If so, you’re not alone. Many people received this email—even those who never applied—leading to confusion and concern about whether it was a scam or a legitimate communication.

This article will break down what happened, whether the email was real, and what to do if you received it.

1 3

What Was in the Email?

The email, sent from an official-looking Columbia University School of Professional Studies (SPS) address, congratulated recipients on their acceptance to the Enterprise Risk Management (ERM) program. It included:

  • A greeting from an admissions counselor, Olivia Colton
  • An invitation to attend an upcoming Director Dialogue event
  • A mention of Sim Segal, the program director
  • An offer to discuss the next steps via email or Zoom

For those who had actually applied to the program, this email would seem like fantastic news. However, many recipients never applied to Columbia, making the email highly suspicious.

Was It a Scam?

Given the circumstances, recipients immediately had concerns. Some common scam warning signs include:

Unsolicited Acceptance Letters – Universities don’t usually admit students who never applied.
Phishing Attempt Suspicions – The email asked recipients to engage via Zoom, raising concerns about scammers collecting personal information.
Data Leak or Fraud Concerns – Some worried their personal data had been compromised.

However, this was not a scam. Instead, it was an internal mistake from Columbia University.

Columbia University’s Response

Shortly after sending the acceptance email, Columbia University sent a follow-up email stating:

“I apologize for any confusion. Please disregard the last email you received, it was sent in error.”

This confirms that the original email was not a phishing attempt or scam, but rather an internal mistake—likely caused by an email list or database error.

2 3

Why Did This Happen?

There are several possible explanations for this mistake:

🔹 Technical Glitch – A system error may have caused the acceptance emails to be sent to unintended recipients.
🔹 Database Issue – Columbia University likely has a database of past applicants, event attendees, and inquiries. An error in filtering the mailing list could have resulted in the wrong people receiving the email.
🔹 Marketing Misfire? – Some speculated that it was a strategy to generate interest in the ERM program, but given Columbia’s response, this seems unlikely.

What Should You Do if You Received This Email?

If you received this email but never applied to Columbia University, here’s what you should do:

Ignore It – Columbia has already stated that it was sent in error.
Do Not Respond – There’s no need to reply or engage with the email.
Double-Check Email Details – If you applied to Columbia, confirm your status through their official portal.
Stay Alert for Scams – Even though this email was legitimate, similar tactics are often used by scammers. Never provide personal details unless you are sure of the sender.

Conclusion

If you received an email about your “acceptance” into Columbia University’s Enterprise Risk Management program, rest assured—it was not a scam, just a mistake from their admissions team. While it may have caused unnecessary excitement or confusion, there’s no action required on your part.

This situation serves as a reminder to always verify unexpected emails—especially those involving university admissions, financial aid, or job offers. If you ever have doubts, contacting the institution directly is the best approach.

How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.

    Shield Guide

    It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.

  2. Keep software and operating systems up-to-date.

    updates-guide

    Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.

  3. Be careful when installing programs and apps.

    install guide

    Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."

  4. Install an ad blocker.

    Ad Blocker

    Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.

  5. Be careful what you download.

    Trojan Horse

    A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.

  6. Be alert for people trying to trick you.

    warning sign

    Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.

  7. Back up your data.

    backup sign

    Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.

  8. Choose strong passwords.

    lock sign

    Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.

  9. Be careful where you click.

    cursor sign

    Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.

  10. Don't use pirated software.

    Shady Guide

    Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.

Leave a Comment

Previous

GlycoShield – Scam or Legit? Read This Before Buying

Next

Winbases.com Crypto Scam Exposed – What You Need To Know