As a high school student, you probably already conduct a lot of your daily life online. Your online activities will continue to increase in college with attending classes, meeting with professors, and accepting financial aid.
With so much being done online, it's easy to become complacent and fall victim to a phishing attack. Phishing attacks, which often come in the form of an email that appears to be from your school, your bank, or someone you know, can put your identity and your finances at risk.
The U.S. Department of Education recently announced that some college students have fallen victim to phishing scams that have enabled attackers to steal financial aid money.
In this scam, students are asked to log in to their portal and check their tuition statement. By clicking on the link in the email and logging into the portal, the attacker can gain access to the student's account. Upon gaining access to the portal, the attacker changes the student's direct deposit destination to a bank account controlled by the attacker. As a result, financial aid refunds intended for the student are sent to the attacker.
Here are some tips to avoid falling victim to this type of attack:
- Don't click on links in an email. Unless you are 100 percent positive that the email is from a trusted source, avoid clicking on any links in an email message. If you are asked to log in to your student portal and aren't sure, call your school to verify the request. You can also open another browser window and log into your portal separate from the email.
- Make sure your browser and your security software is up to date. Increased security is often a feature of new browser releases. In addition to the latest browser software, make sure you have installed and updated security software. This software can sometimes slow down your Internet browsing, but the inconvenience is well worth protecting your identity.
- Change your passwords often and make them complicated. Make sure your passwords comply with your school's security recommendations - the longer the better and include numbers, letters, and special characters.
- Be wary of pop-up ads on websites. Avoid clicking on these ads. Some ads are designed to look like legitimate companies but may enable a virus on your computer. If you want to check something out, go directly to the company's website in a separate browser window.
- Keep informed about phishing attacks to avoid become a victim. Watch for notices like this article and other news or warnings from your school to avoid becoming a victim.
- Check your online accounts often. Even if you don't think you've fallen victim to a scam, check your student portal and online accounts often. If you see anything suspicious, you can take action quicker.
If you should become a victim of one of these scams, be sure to report it to your school or to the appropriate institution. By acting quickly, you may help put a stop to the attacks and minimize the damage to your identity and to your finances.