Kansas State University

search

IT News

Cybersecurity: Phishing attempts increase at the start of the semester

Phishing is a way cybercriminals try to trick you into sharing personal information, such as passwords or credit card, social security, and bank account numbers, by sending you fraudulent emails or directing you to a fake website.

At the beginning of every semester, K-State sees a significant increase in the number of phishing scam emails trying to steal eID passwords. These emails try to trick K-Staters into providing their eID and password to criminals under the guise of “false emergency” emails, including:

  • “Upgrade your webmail account!”
  • “Your mailbox storage limit is full!”
  • “Your data, photos, etc. will be lost!”

These are all scams. K-State will NEVER ask for your password in an email. Do not reply to these scam emails, or click a link in an email and fill out a form with your eID and password.

Abide by one simple rule and you will be safe from these scams and others: NEVER provide your password to anyone in response to an email! 

If a scammer gets your eID password, they can access, control, and damage your K‑State resources, including these and others that may contain personal identity details:

  • Email/webmail account
  • HRIS employee information system
  • KSIS student information system
  • Wireless campus networks
  • Canvas

K-State and legitimate businesses will NEVER ask for your account, personal, or financial information by email.

Signs it’s a scam

Learn to recognize a phishing scam and help protect yourself from identity theft.

  1. Urgent or threatening tone.
  2. Email address doesn’t match sender’s name.
  3. Unexpected attachments.
  4. Generic greeting.
  5. Typos, misspellings, and improper grammar.
  6. Fake web addresses made to look legitimate.
  7. Link text and destination differ when hovered over.

Tips to prevent becoming a victim of phishing scams:

  • Don’t reply to a suspicious, unexpected, or strange email.
  • Be wary of email with urgent requests for your personal or financial information, or your sign-in credentials.
  • Don’t open unexpected or unusual attachments, attachments from strangers, or strange-looking emails.
  • Don’t click links in unexpected emails, emails you suspect are fraudulent, or if you don’t know the sender.
  • Don’t click Sign In links. Go to the business website and sign in there, or contact their customer service for help.
  • Avoid filling out forms in email messages that ask for financial information. Only share credit card information via secure website or telephone.

Forward any suspicious emails to abuse@k-state.edu. Visit the scams blog to stay up-to-date on scams arriving at K-State.

Share this post: