The IT Security Awareness Quiz link is at the article's end. Everyone who completes the quiz is entered to win one of six $50 Amazon gift cards.

The new school year is exciting for learners, faculty, and staff. It is also an exciting time for hackers, identity thieves, and other unscrupulous types who take advantage of people during this busy time of year.  Schools, in general, were already facing significant cybersecurity issues, and now they are also seeing fraudsters who are taking advantage of the confusion surrounding the Supreme Court decision on learner debt relief.

As always, watch out for typical beginning-of-the-school-year scams:

• Emails supposedly containing “a problem with registration”
• Scams specifically designed to cheat learners out of money, such as scholarship scams, fake tuition payment processors, textbook rental or book-buying scams, housing scams, tutoring scams, and work-from-home scams
• IRS impersonators demanding that learners or their parents wire money immediately to pay a fake "federal student tax"
• Messages with links to fake login pages
• Messages asking for your login information
• Fake friend requests on social media
• Fake Box or Google Docs notices

How to stay safe:

The best way to avoid scams is to approach all unexpected messages, offers, and phone calls with skepticism. Helpful habits include:

• Always think twice before clicking on links or opening attachments, even if they look like they are from someone you know. If you are not sure, contact the sender by a different method you know is legitimate to confirm they sent it (e.g., they send an email, you make a phone call).
• Even if you think an email might be a phish, report it via Phish Alarm and find out almost instantly in most cases. Overreporting is never an issue! All of the reporting information helps UCSF analyze, detect, and reduce risk.
• Verify requests for private information. Remember, con artists know how to fake their identities.
• Protect your passwords. Make them long and complex, never reveal them to anyone, and use different passwords for different accounts. Also, multi-factor authentication (MFA) should be used whenever possible. No matter how legitimate a message may look - nobody other than yourself needs to know your password. The UCSF Service Desk will never ask for your user ID and password.

Additional Information:

• Federal Trade Commission Consumer Information: Did you hear the SCOTUS decision on student loan debt relief? So did scammers.
• IRS: University students and staff should be aware of IRS impersonation email scam
• Fraud.org: Avoid the most common back-to-school scams 
• Federal Student Aid: Avoiding Student Aid Scams
• Attorney General: Beware of Scams targeting College and Graduate Students
• Homeland Security:  International Students: Be Aware of Potential Scammers
• BBB Tip: Back to school shopping for tech supplies
• Norton: 6 back-to-school scams and how to avoid them
• FCC: "Back to School” Scams Test College Students

Take the quiz on this article. The prize for passing the quiz is one entry in a drawing for one of six Amazon $50 gift cards.