There have been reports of fraudulent emails and phone calls from people pretending to be a government official, such as someone from the IRS (Internal Revenue Service), ICE (Immigration and Customs Enforcement), CBP (Customs and Border Protection), FBI (Federal Bureau of Investigation), a U.S. Consulate, or other government agency.
It is strongly advised to contact Penn’s Division of Public Safety first before you provide any personal information to someone you do not know.
Actual U.S. officials never ask you for personal identifying information by phone or email. You should never give someone your personal information such as name, date of birth, address, and bank account.
Government agencies will never directly ask you for money. If someone asks you for money, never provide your bank account information, never purchase gift cards for them, and never give out your social security number if you have one.
Scam artists may sometimes manipulate their phone number so that it appears that they are calling from a true government agency. They may have specific information about you (where you are from, your school etc.) that they discover from public or hacked information so they may appear to be legitimate, but it is best to first contact Penn’s Division of Public Safety.
Avoid carrying important documents such as your passport with you; make a copy and keep the originals in a secure location.
Remember, you may call Penn Police anytime, 24/7/365 at: 215-573-3333.
As a reminder, malicious and misleading emails, also called “phishing” emails, are the number one way that cyber-criminals begin their attacks. A hyperlink or attachment can attack and silently take over your computer when clicked, or a fake login screen presented when you click can be used to get you to provide your password without realizing it. Attacks of this kind have spiked recently so be on high alert.
Here are some specific things you can do to help protect yourself and to protect Penn:
- Verify the Sender: While fake emails can be made to look entirely like authentic messages, often you can spot a malicious email by reviewing the email address carefully. The name part of an email address can be changed easily – click on the email address in the “from” field and review the full email address to make sure it is who you think it is.
- Safer Ways to Open Messages: If you are not sure that a message is authentic, the best approach is to contact the sender using a previously established phone number to confirm, but at times this is not practical. If you need to open an attachment or link in one of these situations, it is safer to do so using an up-to-date iPhone, iPad or Chromebook than to use a Windows or Macintosh computer. If you are opening a Microsoft Word or Excel document you are unsure of, do not select the option in the yellow banner to enable editing, saving, or macros. These options can enable the document to attack your computer.