Scams & fraud
Be aware! As a student, you may be a target for scams by others who misrepresent themselves for illegal gain at your expense.
Identifying official University email communications
Email can be "spoofed" or forged to look like it's coming from a respected source.
Fraudsters use email spoofing to trick recipients into sharing account numbers or sensitive information. Highly sophisticated email spoofs can be hard to detect, but most are given away by a few tell-tale signs.
How to identify official University emails and avoid potential email scams:
- Watch for incorrect grammar and spelling. Many email scams originate from outside the U.S.
- View the hidden email header information and verify that it was sent from an address ending in "umn.edu." Go to the OIT Knowledge Base for simple instructions on how to view headers in email.
- Never share sensitive information by email. The University of Minnesota will never send an unsolicited email message asking you to reply with your password or other confidential information such as a Social Security or bank account number. Messages requesting such information are fraudulent and should be deleted.
- Be suspicious of any message demanding immediate action.
If you receive a questionable email:
- Don't use the links if the message is directing you to a web page. Open a new browser window and type in the address yourself or do an Internet search for the business/organization.
- Review the Federal Trade Commission's consumer alert, How Not to Get Hooked by a Phishing Scam and, if warranted, forward the suspected email message to email@example.com for further action.
- Permanently delete the message from your inbox.
If the questionable email claims to be from the University:
- First, make sure the hidden email header information is displayed. Go to the OIT Knowledge Base for simple instructions on how to view headers in email. Then, report the suspicious message by forwarding the email to the Office of Information Technology at firstname.lastname@example.org.
Keeping fraud out of your inbox:
What is identity theft? What can you do to prevent it? Where can you go for help if you are a victim? Find answers to these questions here.
If you receive an email you suspect is a phishing scheme, confirm through other means that the email or the website it directs you to, is legitimate. This may mean that you need to contact a department within the University, or the customer service division of a bank.
For secured University functions such as registration, billing and payments, or admissions, the familiar University login page should appear for any University pages that ask for personal information. If in doubt, remember that most functions are available by going to One Stop online by typing onestop.umn.edu directly into your web browser. Follow the links there rather than those in the email.
You should never have to pay to find out about scholarships. This page provides a list of common fraud techniques to watch out for.