Scams

There are various scams and tactics that cybercriminals use to target us everyday. Learn more about common tactics they may use and steps you can take to minimize your risk.

Be alert for suspicious messages

Cyberattacks often begin with fraudulent “phishing” messages intended to make you open a file, click a link, install a plug-in or tool, or make a payment. These messages often impersonate trusted contacts and use emotive or urgent language to ask you to do something out of the ordinary, or something ordinary in an unusual way.

If you receive a suspicious message:

  1. Do not click any links or open any attachments.

  2. Forward the message to phishing@harvard.edu.

  3. Delete the message.

  • Fraudulent Duo Pushes

    Be mindful when your phone asks you to allow a Duo push. You should know (or be able to guess) what triggered a Duo push request.
  • Mobile Payment Alert

    Not all fraud alerts are legitimate. Cybercriminals can impersonate mobile payment companies and send fake fraud alerts to attempt to scam you.
  • Phishing

    Phishing is when an email claiming to be from a legitimate source attempts to trick you into providing your personal credentials or information. 
  • Social Engineering

    A method that bad actors will use to exploit your natural inclination to trust to trick you into giving them sensitive information or access.