Due to the global COVID-19 pandemic, the number and manner of scams is increasing sharply. If you have any concern about a potential incident or worry you might havefallen victim to a phishing attempt, please contact our Information Security team by sending an email describing the incident to email@example.com and refer to https://www.niu.edu/doit/security/phising.shtml. The current scams will be updated in "Current Scams" at https://www.niu.edu/doit/security. You will need to login before you can review it.
Malicious Phone Calls
Bad actors are pretending to be:
From your Bank
From your Credit Card company
From your Insurance Company
None of those resources will make an unsolicited call to you.
They will ask for your account, or personal information, or ask you to verify a PIN, or ask you to go to a website for assistance.
Do NOT do it, and do not give any information to the caller.
Hang-up, and if necessary contact the appropriate resource through normal channels.
From your Bank – go to your bank’s website and see how to contact them
From your Credit Card company – use the phone number on the back of your credit card
From your Insurance Company – use the contact information on your insurance card
Malicious emails about COVID-19 containing malware are also on the rise. These emails are spoofing health related organizations and claim to offer cures, vaccines, tests or other opportunities related to COVID-19. If you receive such emails, Please do NOT reply to the email or click any link or open any attachment, and just send the email itself as an attachment to firstname.lastname@example.org.
These emails will falsely claim to be:
CDC Alerts – The CDC will not send you an unsolicited alert. The only way to get alerts from the CDC is to go to their official website and subscribe.
Health Advice or Healthcare Organizations – These will ask you to click a link or open an attachment to get access to a test, vaccine, a cure or to download/review safety measures. Clicking the link or opening the attachment will either download malware or persuade you to enter personal information.
Local Public Safety or Public Health alerts – These will claim you need to click some link to stay safe or register to stay safe or need to open an attachment since you missed an important phone call from them.
NIU officials and NIU Departments – These emails will likely say there is an urgent change in policy and you need to click on a link or open an attachment.
An astonishing number of new websites using the COVID name have popped up. These are not reputable websites at best, and at worst deliver malware to your computer right through your browser.
Malicious Mobile Apps
Please beware of all sorts of new COVID mobile apps. A new Android app at a website called “coronavirusapp” is a ransomware locker.
Some other coronavirus apps have been identified as info stealers
Please only use reputable mobile apps.
What to do if you think you are a victim
If you responded to a request for a password and/or provided account information to someone inadvertently:
Change your password to a dissimilar and better password immediately.
If you believe your financial accounts may be compromised, contact your financial institution immediately and close any accounts that may have been compromised. Watch for suspicious charges to your account.
If you believe your computer has been compromised by malware please do a windows defender offline scan and contact your IT support. Instructions for doing the scan can be found at the following link.