Information Security
Protect Your Nest
Last modified 2/20/2025
Scam and Fraud Catalog
You Can't Spell SECURITY Without ISU!
Purpose
Protect Your Nest is designed to document, categorize, and raise awareness about scams targeting Illinois State University (ISU) students, faculty, and staff.
It serves as a reference for identifying fraudulent activities, understanding attack methods, and applying best practices to prevent financial loss, data theft, and reputational damage.
Scope
This catalog includes scams that:
- Target ISU students, faculty, or staff via email, phone, social media, or in person.
- Attempt to steal personal, financial, or login credentials.
- Use deception to gain unauthorized access to university systems or resources.
- Aim to manipulate victims into fraudulent transactions or commitments.
Scam Categories & Examples
| Category | Scam Type | Description |
|---|---|---|
| Phishing Scams | Fake IT Support | Emails pretending to be from ISU IT asking for login credentials. |
| Financial Aid Fraud | Fake scholarship or grant emails requesting payment or personal details. | |
| USPS Scam | Fake text message about packages that don't exist | |
| Employment Scams | Fake Job Offers | Fraudulent job postings offering high pay for little work, requiring personal info. |
| Secret Shopper Scams | Scammers send fake checks and ask recipients to buy gift cards. | |
| Payment Fraud | Tuition Payment Scams | Fake calls or emails impersonating ISU billing services. |
| Fake Vendor Invoices | Scammers send fraudulent invoices appearing to be from real vendors. | |
| Social Engineering | Executive/Dean Fraud | Attackers impersonate ISU executives asking for urgent financial transfers. |
| Tech Support Scams | Fake calls claiming the user's computer is infected, requesting remote access. | |
| Probing | Trying to get a target to interact over unsolicited texts | |
| Charity Scams | Attempting to solicit donations to charities that don't exist | |
| Hijacked Social Media | Impersonating an account that is trusted but is actually hijacked. | |
| Online Marketplace Fraud | Ticket Scams | Fake online sales of ISU event tickets, demanding upfront payments. |
| Housing Rental Scams | Fraudulent off-campus rental listings requiring deposits before viewing. |
Glossary
Scam Prevention & Best Practices
- Verify Communications
- Always check official ISU email addresses and phone numbers before responding.
- Never click on suspicious links or download unexpected attachments.
- Secure Personal & University Accounts
- Enable Multi-Factor Authentication (MFA) for ISU and personal accounts.
- Use strong, unique passwords, passphrases, or passcodes and never share credentials.
- Be Skeptical of Requests for Money or Information
- ISU will never ask for payment via gift cards.
- Always verify financial requests with the official department before taking action.
- Report Suspected Scams Immediately
- Email scams: Forward to abuse@ilstu.edu.
- Phone or social media scams: Report to ISU Information Security Office at informationsecurityoffice@ilstu.edu.
- Financial fraud: Contact ISU Police or local authorities.
Reporting & Response Plan
- Identification: Recognize potential scams through alerts, reports, and monitoring.
- Verification: Validate scam claims with IT Security or relevant ISU departments.
- Communication: Notify the ISU community through official channels if needed.
- Mitigation: Block phishing domains, disable compromised accounts, and take corrective actions.
- Awareness Training: Educate students and staff on new scam trends through security awareness campaigns.
Resources & References
- ISU Security Alerts: [Security Alert URL]
- FTC Scam Alerts: https://www.consumer.ftc.gov/scam-alerts
- Better Business Bureau Scam Tracker: https://www.bbb.org/scamtracker
Contact Information
For scam reports, questions, or assistance, contact:
ISU Information Security Office (ISO)
📧 informationsecurityoffice@ilstu.edu.
If you have seen a scam that you'd like to see added to this page, send a screenshot to: