Kansas State University

Cybercriminals ramp up attacks early in the year, often impersonating the IRS, H&R Block or TurboTax. Protect your data and keep your refund secure with these quick tips.

File early

Filing as soon as possible reduces the risk of tax fraud. Scammers use stolen Social Security numbers to file fake returns. If someone files before you, reclaiming your refund is a long process.

Use an IRS identity protection PIN(IP PIN)

An IRS IP PIN adds an extra layer of security, preventing unauthorized tax filings with your Social Security number.

Enable two-factor authentication 

Use two-factor authentication on your IRS account, tax software and bank accounts to prevent unauthorized access.

Beware of tax scams

Cybercriminals pose as the IRS, tax preparers and banks. Watch for:

• Fake IRS contact: The IRS won’t email, text or message you.
• Urgent threats: Scammers push for immediate action.
• Requests for sensitive data: Never share Social Security numbers, bank information or passwords via email or phone.
• Suspicious links and attachments: Clicking on a link or opening an attachment could install malware.

Vet your tax preparer

Ask how they protect client data, who has access and whether they use encrypted storage and secure backups.

Back up your tax records

Make digital and physical backups of your tax documents. Store electronic copies in an encrypted cloud storage service or an external hard drive or both. Keep printed copies in a secure location. The IRS generally recommends retaining tax records for three years, but depending on your situation, you may need to keep them longer.

Report scams

If you think you are the target of a tax scam, report it immediately.

• IRS victims of identity theft: IRS Identity Theft Central
• Treasury Inspector General for Tax Administration (TIGTA): Report IRS-related Impersonation
• IRS, Treasury, and tax-related online scams: Report Phishing
• IRS Criminal Investigation (CI): Report Tax Fraud
• Federal Trade Commission (FTC): Report Fraud
• Internet Crime Complaint Center (IC3): Report Cybercrime

Stay vigilant, file with confidence and don’t let scammers steal your refund!

The Division of Information Technology (IT) is launching its latest cybersecurity training course on Feb. 3 as part of our commitment to maintaining a secure digital environment. This annual training is a vital component of the university’s Secure Access initiative and is mandatory for all faculty, staff and student employees through the State of Kansas ITEC Policy 7230 – Information Technology Enterprise Security Policy section 8.0 Awareness and Training Standard.

The invitation to the training will be delivered to your inbox on Feb. 3 from system@listmos.com.

Key details

The training period starts Feb. 3 and ends on March 31. The training must be completed by March 31. Employees who have not completed the training by April 14, 2025, will lose access to university systems until the training is finished.

New features

This year’s training introduces a “test-out” experience designed to streamline the process and make it more efficient. The following are the enhancements to the training:

• Pre-test option: Users can take a pre-test to demonstrate their cybersecurity knowledge.
• Targeted training: Based on the pre-test results, the training will tailor the content. You will only need to watch videos for sections where you answered questions incorrectly.

This personalized approach minimizes time spent on material you already understand while ensuring you receive necessary instruction on topics where improvement is needed.

Support and Questions

For assistance or questions about the training, contact the IT Service Desk:

• Phone: 532-7722
• Live chat
• Submit a ticket
• Walk-in: 2nd Floor, Hale Library

Stay proactive and help keep our university’s digital environment safe by completing your training on time. Thank you for your cooperation!

K-State has been targeted with a new PayPal scam. Scammers are impersonating PayPal and sending fake invoices. Their goal is to trick you into contacting them using the information provided on the invoice. 

If you call the number or send an email, you’ll reach a fake call center. The scammers will claim they can refund the charges but need your credit card or banking information. In some cases, they might convince you to start a remote “help session” to remove nonexistent software from your computer. Once connected, they can blank out your screen and perform malicious activities on your device without your knowledge. Continue reading “Tips to avoid current PayPal scam” →

As part of K-State’s continued commitment to safeguarding the university’s information and technology resources, the Division of Information Technology (IT) is pleased to announce that the 2025 Cybersecurity Training course will be released on Feb. 1, 2025. Details about the completion timeframe for this new training will be announced in January. We encourage all faculty, staff and student employees to watch for the announcement and be prepared to complete the updated course once it becomes available.

Transition period and temporary changes

To ease the burden during the winter break and to reduce disruptions in account access, the disabling of accounts due to incomplete 2024 Cybersecurity Training will be suspended as of Dec. 20, 2024. This temporary pause will ensure that individuals do not lose access to essential systems and resources over the winter break. IT will announce when normal account disablement procedures for non-compliance will resume.

Availability of 2024 Cybersecurity Training Continue reading “2025 Cybersecurity Training available Feb. 1: Temporary suspension of account disabling” →

Scammers use giveaways or low-priced offers to entice you to share personal information or to take your money. One such scheme making the rounds on social media is the fake Walmart Dell laptop offer. Be vigilant. Don’t fall for these types of scams.

How it works

Scammers create realistic-looking posts or ads on social media, often mimicking well-known companies’ branding. These ads claim you’ve been selected to receive a free or very low-priced laptop, phone, or other high-value item as part of a promotion. To claim the offer, you’re asked to click a link and provide personal information or pay a small “processing fee.”

Once scammers have your credit card information, they can make unauthorized purchases, drain your accounts, or sell your details. These actions can lead to financial losses and potential identity theft, making it critical to protect your data. Continue reading “Beware of giveaways” →

Black Friday gives cybercriminals a golden opportunity for scams. They can use social media, email messages and more to entice you to buy or share personal information. Follow these tips to stay safe during Black Friday.

• Phishing emails – Be cautious of emails promising exclusive deals. Scammers often mimic trusted retailers, but their links may lead to fake websites designed to steal your personal or payment information. Hover over links to check if the URL matches the retailer’s website or go directly to the retailer’s website instead of clicking links.
• Beware of fake social media ads – Social media is often used during the holiday season, and often times they are scams. Avoid clicking on ads from unknown brands. Pay attention to comments on the post. Other users may flag scams.
• Protect your personal information – Scammers may ask for unnecessary information during checkout. A legitimate retailer will only require the details needed to process your order.
• Keep your devices secure – Shopping on unsecured devices or public Wi-Fi can expose you to cyber threats. Use strong passwords and enable multi-factor authentication on accounts. Shop on your own device with up-to-date antivirus protection. Avoid entering payment information on public Wi-Fi unless you use a VPN.

Stay vigilant and keep your personal and financial information safe.

Social media is a powerful tool for connecting with friends, sharing experiences, and discovering new content. But it’s also a hotspot for scams. Cybercriminals use clever tactics to trick users into giving up personal information, money, or even access to their accounts. Follow these tips to learn how to spot these scams on social media.

Watch for red flags in messages

Scammers often send messages that look like they’re from someone you know or a trusted company. These messages might ask for personal information, like your password or Social Security number, or try to get you to click on a suspicious link. Be cautious if:

• The message seems urgent or too good to be true.
• The person asks for money, especially through gift cards or wire transfers.
• The language or tone doesn’t sound like the person you know.

Be wary of unverified accounts Continue reading “How to identify scams on social media” →

The holiday season is approaching, and gift card scams are a common tactic used to steal your money. Understanding how this scam works and staying alert can help you avoid becoming a victim.

How the gift card scam works

Gift card scams start with a call, text, email, or social media message. Scammers will try every trick to get you to buy gift cards and hand over the card number and PIN codes. :

Continue reading “Watch out for gift card scams: protect your money and stay safe” →

With the increasing reliance on digital tools and online platforms in education, it’s crucial to ensure that sensitive student information remains confidential and protected from unauthorized access.

Student data includes everything from names and contact details to grades, disciplinary records, and even health information. Unauthorized access or exposure of this data can lead to identity theft, reputational harm, and violations of privacy laws, such as FERPA (Family Educational Rights and Privacy Act). Continue reading “Protecting student data” →