11/29/2022
By James Packard, CISO

Online scammers are after your hard-earned money, personal information or university data. Thousands of people get victimized by scams during the holidays each year. According to the Internet Crime Complaint Center’s (IC3) 2021 report, non-payment or non-delivery scams cost people more than $337 million. Credit card fraud accounted for another $173 million in losses.

Between rushing to finish all the projects for the year and buying the last present on the list, everyone is caught in the “Holiday Daze.” Cybercriminals take advantage of the general state of mind to slip even more malicious emails into your inbox.

UMass Lowell’s Information Security team wants to share the following tips with you to keep you safe:

  • Do not fall for fake invoices or non-payment scams. Go to the source. The fake “receipt” or “invoice” usually contains only the scammer’s phone number. Most trusted resources include at least a link or instruction to access your account on the official website.
  • Avoid clicking on links or attachments in emails you do not recognize, social media or websites. Cybercriminals can get access to your personal information, such as bank accounts or passwords. In some cases, they can also download malware onto your device.
  • If you are purchasing products online, ensure that the website you are buying from has a secure and legitimate URL. Before making a purchase, make sure that the seller is legitimate. Also, be wary of those who have negative feedback ratings. This can be a red flag for potential fraud.
  • If you receive a fraud detection message on your computer, tablet or mobile phone that directs you to call a number to resolve the issue, search for the number online to verify its legitimacy.
  • Sometimes, the scammer will ask you to provide a gift card number and PIN. In these types of scams, the victim will never receive the item, as the seller will never use the gift card for the payment.

If you receive a suspicious email in your UMass Lowell account, do not click on any link or reply to the sender. Instead, please continue to report any malicious message by forwarding it as an attachment to infosec@uml.edu, or using the "Report Message" feature located on the upper right corner of your Outlook ribbon.

To learn more about holiday scams, visit the FBI’s holidays scams site.