Kansas State University

Scammers are targeting Kansas drivers with messages claiming they owe an unpaid toll fee. These fraudulent texts and emails include links to fake websites designed to mimic an official Kansas Turnpike Authority (KTA) or DriveKS site or even a toll website from another state.

How the scam works

These messages use urgent language like “Final Notice” or “Avoid Penalties” to pressure recipients to click the provided link. The fake websites are designed to look legitimate, often using graphics copied from real toll payment sites. Scammers send these messages to random phone numbers, regardless of whether the recipient has a toll account or has even driven on a toll road.

What you need to know

• KTA does not send unsolicited toll notifications. You’ll only receive official messages if you’ve opted in through DriveKS customer service or self-service channels.
• Legitimate DriveKS texts require a login. If you receive a message asking for payment without logging into your account, it’s a scam.
• You control your communication preferences. If you didn’t sign up for toll alerts, KTA won’t send them to you.

What to do if you receive a scam message

• Do not click any links: Avoid interacting with the message in any way.
• Report the scam File a complaint at www.ic3.gov to help authorities track fraudulent activity.
• Take action if you shared payment details.: If you entered financial information on a fraudulent site, contact your bank or credit card company immediately to secure your account.

Staying aware of these scams helps protect you and others from fraud. If in doubt, always verify toll payments directly through your official DriveKS account.

Your online activity creates a “digital footprint” of your online activity. This data ranges from your interests and purchases to your online behaviors, and it is collected by websites, apps, devices, services and more.

Follow these tips to stay safe online: Continue reading “Guard your online privacy” →

Cybercriminals ramp up attacks early in the year, often impersonating the IRS, H&R Block or TurboTax. Protect your data and keep your refund secure with these quick tips.

File early

Filing as soon as possible reduces the risk of tax fraud. Scammers use stolen Social Security numbers to file fake returns. If someone files before you, reclaiming your refund is a long process.

Use an IRS identity protection PIN(IP PIN)

An IRS IP PIN adds an extra layer of security, preventing unauthorized tax filings with your Social Security number.

Enable two-factor authentication 

Use two-factor authentication on your IRS account, tax software and bank accounts to prevent unauthorized access.

Beware of tax scams

Cybercriminals pose as the IRS, tax preparers and banks. Watch for:

• Fake IRS contact: The IRS won’t email, text or message you.
• Urgent threats: Scammers push for immediate action.
• Requests for sensitive data: Never share Social Security numbers, bank information or passwords via email or phone.
• Suspicious links and attachments: Clicking on a link or opening an attachment could install malware.

Vet your tax preparer

Ask how they protect client data, who has access and whether they use encrypted storage and secure backups.

Back up your tax records

Make digital and physical backups of your tax documents. Store electronic copies in an encrypted cloud storage service or an external hard drive or both. Keep printed copies in a secure location. The IRS generally recommends retaining tax records for three years, but depending on your situation, you may need to keep them longer.

Report scams

If you think you are the target of a tax scam, report it immediately.

• IRS victims of identity theft: IRS Identity Theft Central
• Treasury Inspector General for Tax Administration (TIGTA): Report IRS-related Impersonation
• IRS, Treasury, and tax-related online scams: Report Phishing
• IRS Criminal Investigation (CI): Report Tax Fraud
• Federal Trade Commission (FTC): Report Fraud
• Internet Crime Complaint Center (IC3): Report Cybercrime

Stay vigilant, file with confidence and don’t let scammers steal your refund!

The Division of Information Technology (IT) is launching its latest cybersecurity training course on Feb. 3 as part of our commitment to maintaining a secure digital environment. This annual training is a vital component of the university’s Secure Access initiative and is mandatory for all faculty, staff and student employees through the State of Kansas ITEC Policy 7230 – Information Technology Enterprise Security Policy section 8.0 Awareness and Training Standard.

The invitation to the training will be delivered to your inbox on Feb. 3 from system@listmos.com.

Key details

The training period starts Feb. 3 and ends on March 31. The training must be completed by March 31. Employees who have not completed the training by April 14, 2025, will lose access to university systems until the training is finished.

New features

This year’s training introduces a “test-out” experience designed to streamline the process and make it more efficient. The following are the enhancements to the training:

• Pre-test option: Users can take a pre-test to demonstrate their cybersecurity knowledge.
• Targeted training: Based on the pre-test results, the training will tailor the content. You will only need to watch videos for sections where you answered questions incorrectly.

This personalized approach minimizes time spent on material you already understand while ensuring you receive necessary instruction on topics where improvement is needed.

Support and Questions

For assistance or questions about the training, contact the IT Service Desk:

• Phone: 532-7722
• Live chat
• Submit a ticket
• Walk-in: 2nd Floor, Hale Library

Stay proactive and help keep our university’s digital environment safe by completing your training on time. Thank you for your cooperation!

K-State has been targeted with a new PayPal scam. Scammers are impersonating PayPal and sending fake invoices. Their goal is to trick you into contacting them using the information provided on the invoice. 

If you call the number or send an email, you’ll reach a fake call center. The scammers will claim they can refund the charges but need your credit card or banking information. In some cases, they might convince you to start a remote “help session” to remove nonexistent software from your computer. Once connected, they can blank out your screen and perform malicious activities on your device without your knowledge. Continue reading “Tips to avoid current PayPal scam” →

As part of K-State’s continued commitment to safeguarding the university’s information and technology resources, the Division of Information Technology (IT) is pleased to announce that the 2025 Cybersecurity Training course will be released on Feb. 1, 2025. Details about the completion timeframe for this new training will be announced in January. We encourage all faculty, staff and student employees to watch for the announcement and be prepared to complete the updated course once it becomes available.

Transition period and temporary changes

To ease the burden during the winter break and to reduce disruptions in account access, the disabling of accounts due to incomplete 2024 Cybersecurity Training will be suspended as of Dec. 20, 2024. This temporary pause will ensure that individuals do not lose access to essential systems and resources over the winter break. IT will announce when normal account disablement procedures for non-compliance will resume.

Availability of 2024 Cybersecurity Training Continue reading “2025 Cybersecurity Training available Feb. 1: Temporary suspension of account disabling” →

Scammers use giveaways or low-priced offers to entice you to share personal information or to take your money. One such scheme making the rounds on social media is the fake Walmart Dell laptop offer. Be vigilant. Don’t fall for these types of scams.

How it works

Scammers create realistic-looking posts or ads on social media, often mimicking well-known companies’ branding. These ads claim you’ve been selected to receive a free or very low-priced laptop, phone, or other high-value item as part of a promotion. To claim the offer, you’re asked to click a link and provide personal information or pay a small “processing fee.”

Once scammers have your credit card information, they can make unauthorized purchases, drain your accounts, or sell your details. These actions can lead to financial losses and potential identity theft, making it critical to protect your data. Continue reading “Beware of giveaways” →

Black Friday gives cybercriminals a golden opportunity for scams. They can use social media, email messages and more to entice you to buy or share personal information. Follow these tips to stay safe during Black Friday.

• Phishing emails – Be cautious of emails promising exclusive deals. Scammers often mimic trusted retailers, but their links may lead to fake websites designed to steal your personal or payment information. Hover over links to check if the URL matches the retailer’s website or go directly to the retailer’s website instead of clicking links.
• Beware of fake social media ads – Social media is often used during the holiday season, and often times they are scams. Avoid clicking on ads from unknown brands. Pay attention to comments on the post. Other users may flag scams.
• Protect your personal information – Scammers may ask for unnecessary information during checkout. A legitimate retailer will only require the details needed to process your order.
• Keep your devices secure – Shopping on unsecured devices or public Wi-Fi can expose you to cyber threats. Use strong passwords and enable multi-factor authentication on accounts. Shop on your own device with up-to-date antivirus protection. Avoid entering payment information on public Wi-Fi unless you use a VPN.

Stay vigilant and keep your personal and financial information safe.