Increased cyberthreats targeting campuses: what to look for and how to handle

Published by on June 26, 2025 12:00 am Comments Off on Increased cyberthreats targeting campuses: what to look for and how to handle in General

In response to increased cybersecurity threats targeting educational institutions, the Office of Information Security and Privacy provides resources for recognizing scams. We urge you to be extra vigilant and follow these tips:

  • Stay informed with this new cybersecurity advisory list (login required) which describes current threats affecting the general population. You can still see examples of recent scams at TU through the Phish Tank.
  • Trust your instincts. If something feels suspicious, or too good to be true, it probably is.
  • Take your time. Think before responding to urgent requests.
  • When in doubt, consult. Talk with your supervisor or contact the Office of Information Security and Privacy through a TechHelp service request.
  • Report it. Forward suspicious email to phishing@towson.edu, then delete. If you think your account has been compromised, submit a TechHelp service request immediately to let us know.

Here are recent types of threats and how to handle them:

Social Engineering Attacks
About the scam: Attackers trick you by pretending to be someone you trust, creating fake urgency, and asking for sensitive info. How to handle: verify before you trust.

  • If someone asks for sensitive info, contact them directly through official channels to confirm.
  • Use extreme caution before sending any sensitive info over the Internet or in email, text and chats (i.e., Teams, Webex, etc.).
  • Be suspicious of urgent requests that bypass normal procedures, especially requests sent through text or personal email.
  • Do not respond to suspicious requests.

MFA Bombing/Fatigue Attacks
About the scam: threat actors flood you with Multi-Factor Authentication (MFA) prompts to get you to approve fraudulent Duo requests, aiming to bypass security and gain access to your accounts, and ultimately the university’s data. How to handle: follow MFA best practices below.

  • Never approve Duo MFA prompts you didn’t initiate.
  • Report repeated, unsolicited MFA notifications immediately through TechHelp.
  • If you continue to receive unexpected authentication requests, contact the OTS Tech Support Desk.

Fraudulent Job Scams
About the scam: cybercriminals target students and employees with fake job opportunities. They may ask for sensitive personal info, urge you to deposit fake checks or buy gift cards, or solicit payment for training materials. These scams often use institutional branding to appear legitimate and can lead to identity theft and financial fraud. How to handle: verify job postings.

  • Confirm job opportunities are legit before applying. Contact the university’s Career Center for guidance or learn more about avoiding job scams.
  • Be cautious of unsolicited job offers, especially remote positions.
  • Never provide your SSN or banking information and never pay for job-related materials upfront.

Questions? Submit a TechHelp service request.

 

Tags: , , , ,

Categorised in:

This post was written by Weldon, Jennifer