Be aware! Students are a target for unethical and illegal scams and fraud.
Identifying official University email communications
Email can be “spoofed” or forged to look like it’s coming from a respected source. Fraudsters use email spoofing to trick recipients into sharing account numbers or sensitive information. Highly sophisticated email spoofs can be hard to detect, but most are given away by a few tell-tale signs.
How to identify official University emails and avoid potential email scams
- Watch for incorrect grammar and spelling. Many e-mail scams originate from outside the U.S.
- View the hidden email header information and verify that it was sent from an address ending in umn.edu.
- Never share sensitive information by email. The University of Minnesota will never send an unsolicited email message asking you to reply with your password or other confidential information such as a Social Security or bank account number. Messages requesting such information are fraudulent and should be deleted.
- Be suspicious of any message demanding immediate action.
If you receive a questionable email
- Don’t use the links if the message is directing you to a Web page. Open a new browser window and type in the address yourself or do an Internet search for the business/organization.
- Review the Federal Trade Commission’s consumer alert, How Not to Get Hooked by a Phishing Scam and if warranted, forward the suspected email message to firstname.lastname@example.org for further action.
- Permanently delete the message from your inbox.
If the questionable email claims to be from the University
- Report the suspicious message to the Office of Information Technology.
Keeping fraud out of your inbox
- Use your University account for morris.umn.edu or umn.edu messages only.
- Visit the Federal Trade Commission website for more fraud prevention resources.
- What is identity theft?
- What can you do to prevent it?
- Where can you go for help if you are a victim?
If you receive an email you suspect is a phishing scheme, confirm through other means that the email or the website it directs you to, is legitimate. This may mean that you need to contact a department within the University, or the Customer Service division of a bank.
For secured University functions such as registration, billing and payments, or admissions, the familiar University login page should appear for any University pages that ask for personal information. If in doubt, remember that most functions are available by going to One Stop Student Services. Follow the links there rather than those in the email.
You should never have to pay to find out about scholarships. This page provides a list of common fraud techniques to watch out for.