Cyber criminals increasingly are targeting college students with the goal of stealing financial aid and tuition refund payments.
Protect yourself today by taking these steps:
- Enroll in multi-factor authentication - This is the single best way to secure your OHIO account! You'll get a verification request on your phone any time someone tries to access your account. If a login isn't you, press the DENY button and change your password.
- Learn to recognize scams - To help you learn how to spot scams, we'll periodically send simulated phishing messages, starting this semester. These will be completely harmless, and you won't get in trouble if you mistakenly reply to one. If you do respond to a simulated phishing message, you'll have the opportunity to review a brief tutorial that will ensure you are better prepared to recognize phishing messages in the future.
- Please forward suspicious messages as an attachment to firstname.lastname@example.org to ensure these attempts are reported.
Why this matters
If someone tricks you into giving them your OHIO password, they can use it to steal money from you. A LOT of money. Here's how it works:
First, a criminal sends you a phishing email with a link to a fake OHIO login page. If you enter your password into that page, the criminal steals your password, logs into My OHIO Student Center, drops all of your classes, and changes your account settings to send the resulting tuition refund to a bank account they control. Sometimes they'll also log into your email account to delete any confirmation messages that would clue you into what is going on.
Without multi-factor authentication, your personal information could be at risk. With multi-factor, your personal information would be protected. The system would send a verification request to your phone when the criminal tried to login to your account. You'd see that notification and be able to deny the login request.