Don’t let Cyber Criminals Turn You into a Grinch this Holiday Season
You may be looking forward to the holiday season but cybercriminals can quickly turn you into a Grinch. Be aware of common cyber scams and protect yourself from malicious attempts.
Job Scams Heading link
Cybercriminals are targeting students eager for work with fraudulent job offerings that attempt to steal sensitive information or request funds in the form of cash transfers, Bitcoin payments, or gift cards.
Crafty scammers can use sophisticated technology to create realistic communications that can fool you. We understand that identifying the legitimacy of an email can be difficult, especially when scammers can hack or mimic UIC email addresses. However, students can look for these red flags to help determine its validity.
Spot the Scam Heading link
- Too good to be true – The job’s description is usually vague and will offer a large amount of money for very little work. See examples of recent attempts.
- Written poorly – The emails are usually full of typos, not written in professional language and use very casual greetings or closing words.
- Ask for sensitive data – If you start to engage, scammers may ask you to purchase something, provide them with sensitive data or personal bank account information through a link, fake webpage, or an online “job” application.
- Request money, gift cards or fund transfers – Scammers will email you a check to print, ask that you deposit it in your bank account, and send funds back via bank transfer, gift cards or Bitcoin. This should be an immediate red flag. The checks are fraudulent and you may be stuck with bank fees and headaches.
- Ask to use another email – You may be asked to contact individuals through a non-university email such as a Hotmail or Gmail address. Scammers are also not available to speak on the phone if you ask to call them.
Phishing emails Heading link
Evaluate each email carefully and perform your research. Do not respond to emails that seem suspicious. If you are unsure if an email is fraudulent, forward the email to email@example.com so it can be investigated and shared with the community.
Email & Phishing Heading link
Phishing emails are a type of email scam where an attacker impersonates a person, company, brand, organization, or other entity with the goal to get you to click on a link or open a file attachment. These emails can appear authentic and can fool almost anyone.
Links and attachments in phishing emails have one goal: to steal information. Links will take you to a landing page encouraging you to sign in using your login credentials. Opening malicious file attachments can install malware to your computer that is meant to record your keyboard activity and steal data. Common phishing scams include:
Spot the Phish Heading link
- Password Notifications – Emails claiming you requested a password change and to log in immediately to cancel the request.
- Voicemail Messages – Scammers try to trick you into opening an audio attachment or logging into a fake website claiming you have an urgent voicemail.
- Shipping notifications – Be aware of emails impersonating shipping companies with fake delivery notifications or shipping status alerts.
- Receipts & invoices – Scammers posing as popular online retailers, such as Amazon, send emails with a fake receipt or invoice attachment.
- Gift card & prize scams – If you receive an email that you won a gift card, be very careful especially if you do not remember entering a contest. The scammers will state you need to pay a “processing fee” via bank transfer before getting the “prize money” deposited to your bank account.
- Zoom blackmail scam – Technically, this is not a phishing scam but this email scam tries to prey on your fears. With the increased adoption of Zoom in the higher learning industry, this scammer claims they recorded you during a recent Zoom meeting while you were in a compromising or embarrassing situation. The scammers threaten to release the recording unless you make a payment or send money.
To prevent falling victim Heading link
Don’t open attachments from suspicious senders, do not click on unknown links, and avoid entering login credentials on unfamiliar pages.
Phone & Text Scams Heading link
Unfortunately, criminals are posing as charities, banking institutions, healthcare organizations, and even local authorities. Criminals are getting more creative and brazen each day. Be aware of these phone scams:
Phone & Text Scams Heading link
- Robocalls – Calls from cybercriminals pretending to be government organizations, family members in distress, banks/credit card companies etc. usually with an immediate need or request for money or payment.
- Robocalls are less easy to detect than they used to be as the caller ID can be adjusted to make it look like the call is coming from your area code, and even real telephone numbers.
- These scammers can be very aggressive, and state immediate payment is required through bank transfers, gift cards or Bitcoin.
- Text messages – Fake text messages with fraudulent messages and claims. Messages claim you’ve come into contact with someone who has tested positive for COVID-19 or you initiated a large bank transfer. These texts can contain a website link that claims to provide information.
- If you receive a text like this, do not click on the link or share any sensitive information.
- Charity scams – Charities you don’t recognize may be asking for donations. While it is great to give back, scammers take the opportunity to mask themselves as charitable organizations.
- Verify all charities on the IRS tax exemption site before donating.
Need Support? Heading link
- If you receive phishing/scam emails or calls and have given or entered your NetID and password or other personal information, please immediately change your password at identity.uillinois.edu and contact firstname.lastname@example.org with the details.
- If you receive phishing/scam emails or calls and purchased gift cards, Bitcoin or deposited a fraudulent check, please contact UIC Police for assistance at 312-996-2830 or visit police.uic.edu.
- If you receive a scam telephone call, hang up, block the number and call UIC Police to report it at 312-996-2830.
- If in doubt, email email@example.com with any questions.
Thank you in advance for your support to deter and prevent cyber attacks.