Welcome to Arkansas State University!

  • Fake Browser Updates January 2020

    Fake Browser Updates

    Be on the lookout for fake browser update messages that appear when you are online at work or at home. These messages claim your browser (Chrome or Internet Explorer, for example) is out of date and needs to be updated. Displayed logos will match the browser you are using, and the text in the window will prompt you to download a file in order to apply safety and security updates.  

    Fake browser updates are dangerous. If you initiate a download, you will expose your device, your data and our organization to a cyber attack. 

    The link below takes you to a brief (two-minute) module that shows an example of a fake update message and helps explain the techniques cybercriminals use to fool people. You can also read the attached PDF for more information. 

    Link to the module: Fake Update Messages

    (Note: This link will take you to the website of Wombat Security, a division of Proofpoint.) 

    Please familiarize yourself with this scam and remain alert. Fake browser updates could appear on any website, even those you visit frequently. If you encounter a suspicious message, be sure to report it to our IT Security Team.

    You can also find a PDF here that gives you more information on the fake browser updates.

  • Job Scams

    JOB SCAM

    You just received a job offer email.  Is it a legitimate offer or a scam? Below are some tips for spotting and avoiding these potential scams.

    Never:

    • Never apply for a job that is emailed to you out of the blue.
    • Never give out personal information like your social security or bank account number over email or phone.
    • Never take cashier’s checks or money orders as a form of payment. Fake checks are common and the bank where you cash it will hold you accountable.
    • Never cash a check that comes with “extra” money and do not buy gift cards and send bar codes at an employer's request. Scammers send checks that require you to deposit a check at your bank, withdraw the “extra” money as cash, and then deposit that cash elsewhere. The check will bounce and you will be held accountable.
    • Never wire funds via Western Union, MoneyGram, or any other service. Anyone who asks you to wire money is a scammer.
    • Never apply for jobs listed by someone far away or in another country.
    • Never agree to a background check unless you have met the employer in person.

    Always:

    • Be skeptical. If a job is offering a lot of money for very little work, it is likely to be a scammer trying to get personal information from you.
    • Research the employer. Do they have a reputable website or professional references? Is the job listing you want to apply for also on their main career page? Note: work-study jobs may not be advertised on employer websites.
    • Meet face-to-face with a potential employer. An in-person interview or informal chat over coffee will help you determine the employer’s intentions.
      • Be sure to choose a public place to meet, tell someone where you are going and bring your cell phone, just in case.
    • Trust your instincts. If a job sounds too good to be true, it is likely a scam.

    Reporting Fraud & Scam Emails

    You can report a scam or phishing email to IT Security by emailing us at security@astate.edu or calling 3770 on campus.

  • IRS Scam 2021

    IRS Scam 2021

    The Internal Revenue Service has warned of an ongoing IRS-impersonation scam that appears to primarily target educational institutions, including students and staff who have “.edu” email addresses.

    The IRS’ phishing@irs.gov has received complaints about the impersonation scam in recent weeks from people with email addresses ending in “.edu.” The phishing emails appear to target university and college students from both public and private, profit and non-profit institutions.

    Taxpayers who believe they have a pending refund can easily check on its status at “Where’s My Refund?” on IRS.gov. 

    The suspect emails display the IRS logo and use various subject lines such as “Tax Refund Payment” or “Recalculation of your tax refund payment.” It asks people to click a link and submit a form to claim their refund.

    The phishing website requests taxpayers provide their:

    • Social Security Number
    • First Name
    • Last Name
    • Date of Birth
    • Prior Year Annual Gross Income (AGI)
    • Driver's License Number
    • Current Address
    • City
    • State/U.S. Territory
    • ZIP Code/Postal Code
    • Electronic Filing PIN

    People who receive this scam email should not click on the link in the email, but they can report it to IT Security. For security reasons, save the email using “save as” and then send that attachment to security@astate.edu or forward the email as an attachment to security@astate.edu

    Taxpayers who believe they may have provided identity thieves with this information should consider immediately obtaining an Identity Protection PIN. This is a voluntary opt-in program. An IP PIN is a six-digit number that helps prevent identity thieves from filing fraudulent tax returns in the victim’s name. 

    Taxpayers who attempt to e-file their tax return and find it rejected because a return with their SSN already has been filed should file a Form 14039, Identity Theft Affidavit, to report themselves as a possible identity theft victim. See Identity Theft Central to learn about the signs of identity theft and actions to take.