Be Aware of Cyber Scams
Common cyber scams targeting UIC students, faculty and staff
You may be looking forward to the semester but cybercriminals can quickly turn your academic year upside down. Be aware of common cyber scams and protect yourself from malicious attempts.
Cybercriminals are targeting students eager for work with fraudulent job offerings that attempt to steal sensitive information or request funds in the form of cash transfers, Bitcoin payments, or gift cards.
Crafty scammers can use sophisticated technology to create realistic communications that can fool you. We understand that identifying the legitimacy of an email can be difficult, especially when scammers can hack or mimic UIC email addresses. However, students can look for these red flags to help determine its validity.
- Too good to be true – The job’s description is usually vague and will offer a large amount of money for very little work.
- Written poorly – The emails are usually full of typos, not written in professional language and use very casual greetings or closing words.
- Ask for sensitive data – Scammers may ask you to purchase something, provide them with sensitive data or personal bank account information through a link, fake webpage, or an online “job” application.
- Request money, gift cards or fund transfers – Scammers will email you a check to print, ask that you deposit it in your bank account, and send funds back via bank transfer, gift cards or Bitcoin. This should be an immediate red flag. The checks are fraudulent and you may be stuck with bank fees and headaches.
- Ask to use another email – You may be asked to contact individuals through a non-university email such as a Hotmail or Gmail address. Scammers are also not available to speak on the phone if you ask to call them.
Please do not respond to these emails if they seem suspicious. Evaluate each email carefully and perform your research. If you are unsure if an email is fraudulent, forward the email to firstname.lastname@example.org so it can be investigated and shared with the community. Thank you in advance for helping prevent cyber attacks.
Email & Phishing
Phishing emails are a type of email scam where an attacker impersonates a person, company, brand, organization, or other entity with the goal to get you to click on a link or open a file attachment. These emails can appear authentic and can fool almost anyone.
Links and attachments in phishing emails have one goal: to steal information. Links will take you to a landing page encouraging you to sign in using your login credentials. Opening malicious file attachments can install malware to your computer that is meant to record your keyboard activity and steal data. Common phishing scams include:
- Password Notifications – Emails claiming you requested a password change and to log in immediately to cancel the request.
- Voicemail Messages – Scammers try to trick you into opening an audio attachment or logging into a fake website claiming you have an urgent voicemail.
- Shipping notifications – Be aware of emails impersonating shipping companies with fake delivery notifications or shipping status alerts.
- Receipts & invoices – Scammers posing as popular online retailers, such as Amazon, send emails with a fake receipt or invoice attachment.
- Gift card & prize scams – If you receive an email that you won a gift card, be very careful especially if you do not remember entering a contest. The scammers will state you need to pay a “processing fee” via bank transfer before getting the “prize money” deposited to your bank account.
- Zoom blackmail scam – Technically, this is not a phishing scam but this email scam tries to prey on your fears. With the increased adoption of Zoom in the higher learning industry, this scammer claims they recorded you during a recent Zoom meeting while you were in a compromising or embarrassing situation. The scammers threaten to release the recording unless you make a payment or send money.
What to Do
To prevent falling victim to email scams, examine your emails very carefully! Don’t open attachments from suspicious senders, do not click on unknown links, and avoid entering login credentials on unfamiliar pages.
Phone & Text Scams
Unfortunately, criminals are posing as charities, banking institutions, healthcare organizations, and even local authorities. Criminals are getting more creative and brazen each day. Be aware of these phone scams:
- Robocalls – Calls from cybercriminals pretending to be government organizations, family members in distress, banks/credit card companies etc. usually with an immediate need or request for money or payment. Robocalls are less easy to detect than they used to be as the caller ID can be adjusted to make it look like the call is coming from your area code, and even real telephone numbers. These scammers can be very aggressive, and state immediate payment is required through bank transfers, gift cards or Bitcoin.
- Text messages – Fake text messages telling the recipient that they’ve come into contact with someone who has tested positive or shown symptoms for COVID-19 are being reported. These texts can contain a website link that claims to provide information. If you receive a text like this, do not click on the link or share any sensitive information.
- Charity scams – Charities you don’t recognize may be asking for donations. While it is great to give back, scammers take the opportunity to mask themselves as charitable organizations. Verify all charities on the IRS tax exemption site before donating.
Be aware of these scams. As always, stay alert and use caution to keep your money – and your information – safe.
Receive a suspicious email
- If you receive phishing/scam emails, please forward it to email@example.com. The security team can evaluate the email and ascertain if it is malicious.
Provided your password or information
- If you have given or entered your NetID and password or other personal information, please immediately change your password at identity.uillinois.edu and contact firstname.lastname@example.org with the details.
Purchased Bitcoin, giftcards or deposited a check
- If you purchased gift cards, Bitcoin or deposited a fraudulent check, please contact UIC Police for assistance at 312-996-2830 or visit police.uic.edu.
Receive a scam call
- If you receive a scam telephone call, hang up, block the number and call UIC Police to report it at 312-996-2830.
Thank you in advance for your support to deter and prevent cyber attacks. Please email email@example.com with any questions or concerns.