Students should remain vigilant against scams as holiday approaches

WEST LAFAYETTE, Ind. — College students, like older adults, often are targeted by scam artists, who have tried any number of tricks to gain personal information with the goal of stealing money.

One of the latest scams seen on Purdue’s campus and others is fake job offers. Now, as students prepare to leave campuses for the holidays, it’s still important they remain vigilant, says Purdue University police chief John Cox. The prime shopping season also is primetime for scammers.

The U.S. Department of Homeland Security offers several tips in this series of short videos. Among them:

• Make sure your devices are updated with the latest software.
• When online, use strong passwords, consider a password manager and enable multifactor authentication.
• Shop only trusted retailers.
• If a deal sounds too good to be true, it probably is.
• Use a credit card if you can because they often have better fraud protection than debit cards.
• Monitor credit card and bank statements and report any suspicious activity.

Information Technology at Purdue also offers these general tips to avoid hackers and scammers.

• Don’t be fooled, assess. Don't open attachments or click on any links until you assess if the message is legitimate — even if it appears to come from a friend, colleague or real name of someone on campus. If you have doubts, ask your area IT representative or contact ITaP at 765-494-4000.
• Don't rush. Hackers want you to respond without thinking. Watch out for language that indicates a quick deadline or directs you to download and open an attachment, update an account, visit a website or provide personal information.
• Are there misspellings or typos? An email from a legitimate organization should be well-written. Grammar and spelling mistakes are red flags.
• Report phishing attempts. Suspicious emails to your Purdue account should be reported by forwarding the message to abuse@purdue.edu.
• Change your password. If you ever are concerned that you might have shared your password, change it as soon as possible. ITaP also will send an email alert automatically to faculty and staff whenever there is a change to their career account or direct deposit banking information.

Purdue also uses BoilerKey, a two-factor login system, to help protect employee personal information and university data and also has a scanning system in place to capture many emails with malicious intent.

Information Technology at Purdue (ITaP) provides a security checklist to help protect computers, data and personal information. ITaP also provides information on phishing and vishing (phone call) scams.

Media contact: Jim Bush, 765-494-2077, jsbush@purdue.edu