The IT Security Awareness Quiz link is at the end of the article. Everyone who completes the quiz is entered to win one of five $50 Amazon gift cards.

The start of a new school year brings a buzz of excitement for students, faculty, and staff as they embark on fresh academic adventures. However, this period also attracts a different kind of attention—from hackers, identity thieves, and other malicious actors eager to exploit the chaos. Educational institutions, already grappling with serious cybersecurity challenges, now confront a surge in fraudulent activities fueled by the confusion surrounding student debt relief. This heightened risk underscores the urgent need for robust security measures to protect the academic community during these turbulent and challenging times.  As always, watch out for typical beginning-of-the-school-year scams:

• Emails supposedly containing “a problem with registration”.
• Scams specifically designed to cheat learners out of money, such as scholarship scams, fake tuition payment processors, textbook rental or book-buying scams, housing scams, tutoring scams, work-from-home scams, fraudulent job offers, and deceptive online deals on school supplies.
• IRS impersonators demanding that learners or their parents wire money immediately to pay a fake "federal student tax".
• Messages with links to fake login pages.
• Messages asking for your login information.
• Fake friend requests on social media.
• Fake Box or Google Docs notices.

How to stay safe:

The best way to avoid scams is to approach all unexpected messages, offers, and phone calls with skepticism. Helpful habits include:

• Always think twice before clicking on links or opening attachments, even if they look like they are from someone you know. If you are not sure, contact the sender by a different method you know is legitimate to confirm they sent it (e.g., they send an email, you make a phone call).
• Even if you know or suspect an email might be a phish, report it via Phish Alarm and find out almost instantly in most cases. Overreporting is never an issue! All of the information received from reporting helps UCSF analyze, detect, and reduce risk.
• Verify requests for private information. Remember, con artists know how to fake their identities. Use the same thoughtfulness and care as you’d do with other areas of your personal or financial life.
• Protect your passwords. Make them long and complex, never reveal them to anyone, and use different passwords for different accounts. Also, multi-factor authentication (MFA) should be used whenever possible. No matter how legitimate a message may look, nobody other than yourself needs to know your password. The UCSF Service Desk will never ask for your user ID and password.
• Use a password manager such as UCSF’s Password Management Tool. It generates strong passwords, auto-fills passwords across your apps and sites, and organizes passwords on all platforms and devices.

Additional Information:

• Federal Trade Commission Consumer Information:  Tag: Student Loan and Education Scams
• Fraud.org: Avoid the most common back-to-school scams
• Federal Student Aid: Avoiding Student Aid Scams
• Attorney General: Beware of Scams targeting College and Graduate Students
• Homeland Security:  International Students: Be Aware of Potential Scammers
• BBB Tip: Back to school shopping for tech supplies
• Norton: 6 back-to-school scams and how to avoid them
• FCC: "Back to School” Scams Test College Students

Take the quiz on this article. The prize for passing the quiz is one entry in a drawing for one of five Amazon $50 gift cards.