For Students Archive

Stay cyber-safe at school

As we kick off the school year, it’s important to stay aware of online security threats. Internet scammers often shift their focus to universities at the beginning of the school year as students are returning to their classrooms and residence halls.

One of the most common methods is phishing, which uses email, text messages, or phone calls to trick people into sharing sensitive information. These messages often look like they’re from a trusted source. Instead, they’re sent by scammers seeking to access bank accounts, credit cards, login credentials, or other confidential data.

Here are some common back-to-school scams to keep an eye out for: 

  • Shopping scams – phony websites promising bargains but designed to collect credit card and other personal information.
  • Job offers – scammers offer appealing job opportunities with the intention of stealing money, identity, and personal information. They often spoof legitimate companies’ websites or real people’s email addresses to make the offers more realistic.
  • The student tax – a popular scam targeting first year students and their parents via email, phone, or text. Individuals posing as IRS or other government representatives request payment of “student tax” and threaten penalties for failure to pay.
  • Scholarship scams – these phony scholarship applications often require an application or redemption fee or request banking information.
  • Student loan forgiveness scams – scammers ask for personal or financial information of victims to start the loan-forgiveness process.

Ways to avoid falling for back-to-school scams or other phishing attacks: 

  • Think before you share – Never share direct deposit details, credit card numbers, or personal information like your Social Security number on an unfamiliar website.
  • Pause before you click – If anything seems unusual, do not click links or open attachments.
  • Verify the request – If you receive an email from the University asking for urgent action, question its legitimacy. If you’re not sure, contact the appropriate office directly to verify the request.
  • Report threats – ITS can investigate incidents and take action to prevent similar threats in the future. If you receive a phishing email, report it using the following instructions: https://drake.teamdynamix.com/TDClient/2025/Portal/Requests/ServiceDet?ID=17310

More information on how the scams work and how to help stop the scammers behind them is available on News & Alerts section of the ITS website: https://www.drake.edu/its/news/index.php?article=59928

Thank you for your help in keeping all our information and systems safe.

— Keren Fiorenza, ITS