Cybercriminals don’t take winter break!  

That’s why it’s vital to stay vigilant while vetting messages from agencies like the Internal Revenue Service (IRS), potential employers, and even the university at the start of the new year.  

Whenever you receive an unexpected/unsolicited message, proceed with caution! Luckily, bad actors often showcase similar red flags that can help you identify their nefarious intentions. Some common indicators include: 

• Requests for personal information. For example: 
  • Pictures of driver’s licenses 
  • Social security numbers 
  • Banking numbers 
• Demands to click links, download attachments, or immediately respond.  
• Unexpected communication from unverified channels. For example: 
  • Be wary of emails to your UWM inbox from domains outside the university like @uwm.com, @gmail.com, @uwm.org, etc.  
  • Watch out for phone calls or texts from organizations such as the IRS which mainly use the US Mail Service to communicate with you. Visit CISA’s tax season scam resource for more information about these scams.
• Messages that elicit a strong emotional response. For example: 
  • Job opportunities 
  • Tax information  
  • Account closures 
• Poor grammar 
• Vague organizational affiliation 

Still aren’t sure if that message you got is a phishing email? Send it to abuse@uwm.edu and a member of our Information Security Office will be able to verify its legitimacy for you.

These aren’t the only scams cybercriminals will try to pull, and UWM IT wants to remind everyone about our Cybersecurity webpage! Learn about everything from passphrase creation to different kinds of phishing scams and everything in between! 

If you need assistance regarding this topic, please contact the UWM Help Desk.