After the FBI issued two public service announcements last month warning university communities about online scams aimed at universities, their employees and students, officials said this university is not among targeted institutions.
Such scams include “work-from-home” scams, in which college students receive emails from fake companies looking to recruit hires for their payroll and/or human resource positions, and “payroll” scams, in which university employees are asked to identify changes to human-resource statuses by logging in with their credentials, according to the Internet Crime Complaint Center.
In a brief statement on its website, University Police responded to the FBI’s warning, claiming there is no evidence or reason to believe this university is a target of these scams.
University Police Detective Christopher Iversen said he has not noticed any spikes in these types of cases, but acknowledges that people should always be vigilant of suspicious emails that ask for personal information.
“The FBI would put out several notices like this, so if they have seen an uptick in this kind of thing, and that’s when they would post these types of alerts,” he said. “If [account holders] receive emails from people that they don’t know or strangers, they have to question the source.”
The complaint center, the FBI-created government agency that published the reports, explains that victims are asked to provide personal information such as a bank account number. In the work-from-home scam, students unwittingly receive a stolen deposit in their account and are prompted to transfer that money to another account involved in the scam. Cyber criminals receive the money transferred to the other account, and the student’s account is ultimately identified as having been involved with fraud.
“Students don’t necessarily have a lot of experience with these type of things,“ said Jonathan Katz, a computer science professor. “You have people who are on their own for the first time and financially independent.”
Iversen said he has seen students fall victim to online scams more often than faculty or staff members because the students’ desire for work and an income tends to be greater.
“If they are too busy with schoolwork or maybe have another job and they see an advertisement online that you can make easy money from home for doing something, they are more inclined to go along with that kind of thing,” he said.
The payroll scam used to target university employees utilizes a tactic known as “phishing,” in which an email is sent with a link that prompts users to enter confidential login credentials, according to the IC3.
In October, the Division of Information Technology issued a warning to the university community regarding phishing emails, advising people never to enter login information associated with a link in any email.
“Some spam messages do make it through UMD filters into inboxes, because if we set the filter thresholds too aggressively, legitimate email messages will get blocked as well,” DIT Director of Communications and Marketing Phyllis Johnson wrote in an email. “This is why it is important for members of the university community to be aware that spear phishing emails are sent for nefarious purposes.”
The complaint center explains the consequences of falling victim to the work-from-home or payroll scams include money not being returned in full, stolen paychecks, bank account closures and student arrests or prosecutions in federal court.
If scammed, Iversen recommended, students should gather as much information about the fraudulent charges as possible and immediately relay that information to email providers, banks, credit report companies and the police.
