Skip to main content
IT Service Status
IT Service Status

Avoid “News of the Day” Phishing Scams

Effective Date: October 10, 2022

illustration of website with magnifying glassPhishing attempts are ever-present in our digital society and often exploit the “news of the day.” Shortly after news broke about the government’s plan to forgive some federal student loans, scammers seized the opportunity. Read on to learn more about this scam and what to do if you spot it or other phishing attempts.

Federal Student Loan Forgiveness Scam

The U.S. Department of Education offers sound advice on how to avoid not only this student loan forgiveness scam but other common phishing attempts as well. To access the full guidance, visit the agency’s studentaid.gov website.

In short, the site documents examples of false claims that many scammers use, cautions borrowers not to pay for help with loan debt relief, and encourages individuals to confirm they are working with a U.S. Department of Education partner. The site also instructs borrowers on how to report a scam, including submitting a complaint with the agency, and other steps to take, including filing complaints with the Federal Trade Commission, Consumer Financial Protection Bureau, and more.

Recent Phishing Attempts at Northwestern

illustration of student looking at laptop with a phishing scam Northwestern’s Information Security Office aggressively monitors malicious emails sent to the University community. Nearly three of every four emails sent through the University’s central email environment are quarantined as spam. In addition to Northwestern’s Email Defense System, additional filters are present in Outlook and Google Workspace to further protect our students, faculty, and staff. Despite these layers of protection, scammers are constantly changing tactics and techniques, and some messages slip through the security net.

We track large-scale phishing attempts on our community and document them on Northwestern IT’s Recent Phishing Attempts page. Two of the most recent attacks are listed below:

  • New 2023 Loan Options at Northwestern—In this instance, scammers are encouraging students to secure a private loan to pay for expenses like tuition, books, school fees, etc. As you review the example, pay special attention to the “From” address and note that it is sent from an unofficial address. Also, consider that the receiver has not inquired about a student loan.
  • Job Opportunity at Northwestern University—In this scenario, students are offered a remote work opportunity and encouraged to submit, via text message, their personal information. Pay special attention again to the “From,” as it comes from a Gmail account, not a professor’s Northwestern email address. The other significant flag is the request to submit information via text message to a personal phone number.

Ultimately, we all have a role to play in staying cyber-secure. Please remember, if you believe a phishing scam has reached your inbox, immediately report the email to the Northwestern IT Information Security Office. Reporting the email enables the office to specifically tune its systems and filters and help keep other community members safe.

Please also take a moment to learn more about scam emails and use best practices to protect you and the University against these scams.