Beware Holiday Scams

Beware of Holiday Scams

Lynnetta Eyachabbe

Ron Fellhauer is our Executive Director of Security and Risk Management. Today he’s sharing his tips for avoiding scams this holiday season.

It’s that season again!  No, not football season or holiday season… it’s phishing season! Unfortunately, email phishers and internet scammers aren’t limited to a season, but this time of year provides even more opportunities for them to steal your data. Consider all the activities, events, and notifications you get this time of year–from college football playoffs (GO SOONERS!) to online shopping deals to electronic holiday cards–all can be used to catch your attention and make you click.

Successful phishing emails can lead to identity theft, delivery of ransomware or other malware to your computer, or even compromise of your computer or our network. Sound serious? It is! Ransomware is the fastest growing form of cybercrime around the globe and over 90% of ransomware originates in email, so being diligent can save you and your data.

So as our little gift to you this holiday season, the IT Security team would like to pass along some tips to keep you safe online:

  • Before you click on that “great deal,” take a few seconds to check it out. Hover over links in emails to see the domain you will connect to. Be sure the domain name is the one you’d expect for the product or service – a pair of Nike shoes probably wouldn’t come from fakenike.ru.
  • Look at the email address of the sender. If it doesn’t match the topic of the email, it is likely a phishing attempt. Verify the sender’s email domain or even call the person or customer service department to verify the message.
  • Make it a habit (or set a reminder) to regularly review your account transactions to be sure credit and debit cards are not being used without your knowledge. Also, review any subscription services (i.e. NetFlix, Amazon, or even food delivery services) that may be using those cards. Notify your bank of any suspicious activity.
  • Remember that most reputable companies will never ask for personal data or passwords via email. This includes OU IT, so if you get a message claiming to be from OU IT, check it out using the tips above or call us at 325-HELP to ask.
  • Our technical teams are working hard to try to eliminate phishing and SPAM emails from our inboxes, but we don’t always get them all. If you notice something suspicious, you can report it by forwarding the message to security@ou.edu.

If you think your OU account might be compromised, you can change your password at accounts.ou.edu.

For more security training, check out our online security training at onpoint.ou.edu or you can find out more about staying safe online here.

Thank you so much, Ron!

CIO Chats