Purdue University Northwest / News / Announcements / Reminder about online security threats and scams

Reminder about online security threats and scams

February 6, 2025
Students sit in class with open laptops in front of them.
+ Share This Story

Earlier this semester, you received an email from IT Communications regarding online security threats and scams. As this semester progresses, we have seen digital threats in the form of email scams circulating.

The latest comes from what appears to be a legitimate “purdue.edu” address and talks about a way to get easy money with a flexible schedule. The email instructs you to “copy and paste” a link into your browser. Offers like this look too good to be true…because they are!

Here Are Some of the Red Flags I Saw

  • The fact it was a “purdue.edu” email address, but I didn’t recognize the sender;
  • There was no signature at the end identifying the sender;
  • The link was supposed to be “cut and paste” into a browser;
  • Used an irregular term (“form” rather than “link”).

Please scrutinize your emails and, hopefully, you will avoid scams and phishing emails! When in doubt, send it to abuse@purdue.edu.

I’ve confirmed with the PNW Career Center that they only send job opportunities via Handshake and PNW students will never get an on-campus job opportunity that is a Google Form. Additionally, most professional, reputable companies would never ask you to apply via Google Forms.

Here is an adapted version of the email from IT Communications, and I urge you to read through it carefully!

As we begin the spring semester, it’s a good time to refresh our knowledge of best practices to keep University data secure. It is up to the Pride to stay vigilant to protect their accounts and personal information. Successful phishing attacks and other security breaches pose risks not only to you but may also impact the Purdue University system.

Protect Yourself and PNW By Looking Out for These Signs of Phishing

Mysterious Messages

  • Phishing emails often appear to come from someone you know or trust, but they can also come from unknown senders.
  • Always check the sender’s full email address and make sure it matches the trusted source’s email address.

Urgent Demands

  • Phishing messages often direct you to take action immediately, implying that something negative will happen if you don’t. These messages are meant to get you to react before you think.
  • Always stop and think before taking an action. Does the request make sense?

Sneaky Links

  • One of the most common signs of phishing is the request to open an unexpected link or attachment. Malicious links or attachments can be used to steal your login info or other data.
  • Never open links or attachments from unknown or suspicious senders. If you need to sign in to a website, go directly to the known, legitimate address.

Before taking action, stop, look and think.

  • Does it seem suspicious, out of place, or just strange? Then report the message to abuse@purdue.edu and delete it immediately.

The Purdue Systems Security Cybersecurity Awareness team, part of Purdue IT, provides year-round training for faculty, staff and students about ongoing cybersecurity threats and resources. Cybersecurity updates, FAQs and training videos are available through the online Cybersecurity Awareness Hub.

To report suspicious or malicious emails to the security team, please utilize the Report Message button inside your Outlook client, which can be found in the top banner or by right-clicking an email in Outlook on the web (OWA). You can also report emails directly by forwarding them to abuse@purdue.edu.

Best,

Britt Hudson

Britt Hudson (she/her/hers) | Interim Dean of Students

+ Share This Story