Phishing Alerts and Best Practices

As incidents of email phishing increase, we can all play an important role to prevent malicious attempts. Learn to recognize and report suspicious or malicious emails, text message, or phone calls with these best practices.  Together we can help protect the security of your personal accounts as well as confidential college data.

CURRENT PHISHING ALERTS

• Gift card scams are on the rise. Over the past week, multiple users were impersonated and we received roughly 200 emails.  We ask that everyone be vigilant when receiving out of the ordinary emails or requests.  Remember, No one at Davidson College will ask you to purchase gift cards in this manner. Typically these scams start with a simple request. Here is an example of what to look for:
  

  “I need you to complete an Important task for me Could you please help me with your available text number”

  Once you provide your number the bad actor will text you with a message asking you to purchase gift cards.

• Tech Support scams, generated with an unsolicited phone call or pop-ups on your computer.  These resources provide in-depth information on these and other types of scams you may see. 
  Tech Support Scams: https://www.aarp.org/money/scams-fraud/info-2019/tech-support.html
• Phone calls, text messages and emails related to government stimulus checks to ask for personal information, including bank routing and account numbers or account information from money transfer apps, such as PayPal. The federal government will not ask for this information over the phone, through email or text messaging.  
• Fake Davidson or CDC emails could make you think you or your child has been exposed to COVID-19. They could say your family may face quarantine.
  Common COVID19 Scam Types: https://cybercrimesupport.org/covid-19-scam-alerts/

Best Practices

Never Provide Personal Information

Never provide personally identifiable information, such as passwords, credit card account numbers, social security numbers, usernames, banking account information, or any other confidential information through email.

Be aware and take the time to recognize phishing emails

Messages with suspicious, misspelled or contain grammatical errors, or that reference generic departments like "support" may be scam emails. Pay attention to generic or unusual greetings email signatures, especially those attempting to pose as one of your known contacts.

Never reply to unsolicited emails, text messages or phone call

Messages that ask for personal information including account name, passwords, social security numbers, or credit card information should not be trusted. Davidson College will never ask you for this information over email or text messaging. 

Never purchase gift cards on request from an unsolicited email, text message or phone call
Messages that ask you to purchase gift cards should not be trusted. Davidson College will never ask you for this information over email or text messaging.

Do not click links or open attachments

If you suspect or are uncertain about an email that contains links or one or more attachments, forward the email to T&I and our security team will take a closer look.

Keep your software up to date

Keep your devices updated and use antivirus software. 

Report it If you are unsure or have concerns about the legitimacy of an email, forward it to ti@davidson.edu.

Additional resources

Review the Social Engineering Red Flags document which details email components and things to look for in a phishing attempt.