Skip to main content

Secondary navigation:

Information Technology Services

College Campuses: The Latest Target for Phishing Scams

Phishing scams - internet schemes that pose as a legitimate source to trick people into handing over personal information - are not an uncommon occurence in today's technology-driven world. In fact, it's likely that at any given time there is a suspicious email in your junk mailbox asking for some kind of personal information or prompting you to click on a sketchy link. These scams often pose as popular retail websites promoting a sale that is too good to be true, or your bank reporting that you need to provide some kind of secure information through email or over the phone. As Tax Day approaches, recent scammers have been targeting information that will allow them to file fraudelent tax returns in the names of their phishing victims.

Multiple college campuses have recently been targeted for these scams, perhaps becuase it gives the opportunity to access information from a large group of people with one hit. Last month, a community college in Norfolk, VA fell victim to a phishing attack that gave the hackers tax information of about 3,000 of the school's employees. One school employee responded to what seemed to be a legitimate request for W-2 information that resulted in access to the names, Social Security numbers, and yearly earning information - all information that is needed to file a tax return. The school reported that at lesat 16 people had already had fraudulent tax returns filed under their name. A school official stated "No amount of technology will prevent phishing, spear phishing or other kinds of attempted electronic fraud. The old saying, 'Look before you leap,' applies here. If an email sounds strange or lacks the official school email signature – even though it appears to be from a close colleague – contact the supposed “sender” to authenticate it." A similar scam occured on the Bowdoin College campus, after fraudulent tax returns had been filed under the names of school employees. The data theft occurred after an employee responded to a seemingly authentic request for information that resulted in tax form information of about 400 employees to be sent to the scammer.

Another recent Phishing scam went after individual students in attempts to gain tax information. One student explained that he recieved a voicemail from an unfamiliar phone number, and when he searched the number on Google it appeared to be from the local FBI office. Thinking that the call was legitimate, the student called back. The person on the other end of the call knew details about the victims student loans, and pointed to sections of his tax return that weren't filled out. The scammer told the student that he owed $2,000 to the government, and afraid of facing a penalty, the student wired the money right away. A Better Business Bureau investigator in the area stated, "It's apparently very easy to spoof numbers. People who are calling from outside the country can make it look like it's a local call, a government office, a business or attorney's office." Additionally, once money is wired it essentially becomes untraceable. The best thing you can do if you ever recieve a suspicious call like this one is to get the badge number of the caller and then contact your local FBI office. NEVER hand over your personal information over the phone if you are not sure that the call is legitimate.

One small slip-up can give hackers information that can cause you serious issues down the road. However, there is no need to fear: there are plenty of steps that you can take that help keep your online information safe, especially during this tax season.

  • Beware of any emails that ask for personal information or encourage you to click on a link. No matter how legitimate it may seem, hackers can pose as legitimate bank or credit card companies to trick users into thinking that the email is authentic. It is always safe to contact your bank or credit card company directly rather than responding in the email. Never click on any suspicious links!
  • Try to use password-protected or private Wi-Fi connections anytime you are working with sensitive information online. Pulic Wi-Fi networks can allow access to your online transactions and may allow hackers to uncover sensitive information.
  • Steer clear of deals that seem too good to be true. Whether it's a job offer targeting college students that claims great hours and nice pay, or an email claiming that you have won a cash sweepstakes, the general rule of thumb is that if it sounds too good to be true then it probably is. Never fall into these traps by giving your personal information to claim your "prize."

It's always better to be safe than sorry, especially when it comes to your personal financial information. For more tips on how to stay safe, visit the Boston College Phishing page.