Important Scam and Security Information

Dear Community Members,

In recent weeks, we have seen an increase in internet and phone scams and attacks. These attacks and scams have been taking the form of fake job offers, fake checks, and fake requests for information.

We need you to be aware of this problem, be vigilant with your personal information, and help us all work together to make sure scammers and hackers are not successful. In order to stay up to date on the latest scams and threats, and for advice on how to stay safe on the internet; please visit the Division of Information Technology (DoIT) IT Security website. You can also subscribe to the DoIT security feed.  

Subscribe to DoIT Security Feed

Protecting Yourself

If an offer seems too good to be true, it likely is. 

• Scammers often impersonate someone when making fake offers. When you receive an offer, verify it is legitimate by directly contacting the person or company who appears to have sent it. For example, call a company using contact information from their website. Do not reply directly to emails.
• Scammers often forge the "from" address in their malicious email messages to make it appear to come from a UMBC email address. For offers that appear to come from members of the UMBC community, directly call or email the person making the offer after looking them up in the UMBC Directory.  
• Some scammers are now sending their fake offers and malicious messages through SMS text messages, not just through email. No matter how you receive the messages, if they seem too good to be true, verify if the message is legitimate by contacting the alleged sender directly.  
• UMBC sends many official messages through myUMBC Personal Posts, which are more secure than email. You can authenticate a myUMBC Personal Post by checking to see if you have a corresponding myUMBC notification. 
• Please forward suspicious messages to security@umbc.edu and ask for verification. We will verify any offer for you.  

Additional things to remember:

• Never provide your confidential information (credit card number, social security number, driver's license number, passport number, etc.) to anyone via email, text message, or a web page. 
• No legitimate job offer will ever require you to send money or to buy things with your own money.
• If you receive a check you were not expecting, be suspicious, especially if the sender asks you to deposit a check and then send money or purchase items. Also, UMBC will never email you a check. For additional information, please review the Federal Trade Commission's website on fake check scams.

Working Together to Help UMBC

• Report suspicious activity to security@umbc.edu. Don't assume that something is obvious or someone else will report it; always report anything suspicious. Forwarding the scam or attack to UMBC DoIT Security allows us to notify the rest of the community and track the trends of what is hitting our campus. When forwarding malicious email to security@umbc.edu, including the full email headers will speed up our ability to respond.
• If you get a suspicious message, check for information about scams on the DoIT IT Security website and to subscribe to the article feed. Once subscribed, you will receive articles in your inbox as they are published. For more information, check out our FAQ: How to Subscribe to DoIT IT Security Notices and Articles.

Thank you for helping our community fight back against the scammers and attackers.

Mark Cather, Chief Information Security Officer, Division of Information Technology