Skip to content

Common scams — and how to spot them

Criminals are constantly coming up with new schemes designed to compromise computers, steal passwords, trick you into revealing personal, financial, and other valuable information, or con you out of money. They often use recent events — such as the COVID-19 pandemic or an earthquake — to prey on people, hoping to throw them off guard.

Scams can lead to identity theft, regular theft, access to your accounts and personal information, and compromised computers. And a compromised computer can put all of your information and passwords at risk.

Here are six tips from the Department of Homeland Security on how to spot a fake. 

Phishing attacks

Ever click on a link or open an attachment in an email, even though you’re not quite sure who it’s from?

Cybercriminals have skillfully figured out how to create emails that look like they’re coming from legitimate sources, including banks, government agencies, and other services and businesses. Get savvy in recognizing these frauds since often they not only collect your personal and financial information, but also infect your device with malware and viruses.

Learn more about phishing schemes

Download the Phishing 101 tip sheet

Watch the Beware of Phishing Scams video


Identity theft

Victims of identity theft often feel violated —rightly so, since this crime involves someone using your personal information to obtain money or credit. Signs that you may be a victim of identity theft:

  • bills for products or services you never purchased;
  • unauthorized withdrawals from your bank;
  • unauthorized charges on your credit card statements;
  • unauthorized charges on your credit card or new accounts in your name — which you never opened;
  • noticing a decrease in the amount of mail or bills you receive; or
  • a decrease in the amount of mail or bills you receive, or being rejected, or denied, for a credit application.

Don’t ignore any of these suspicious signals; report them immediately. The longer you wait, the more time-consuming, costly, and exhausting it can be to rectify the situation.



“You’ve won” scams

Winning isn’t always what it’s cracked up to be.

If you receive an email stating you’ve won a prize, the lottery, or a sweepstakes, be instantly on your guard if you are asked to pay a fee or tax for the prize, or if there’s a request for your credit card or bank account information. Here, you can win by not falling for this scam.


Imposter scams

You know you’re a good person when your first instinct is to help when you receive an email or call from a government official, family member, or friend asking you to wire money.

You know you’re a smart person when you don’t immediately fall for it and verify whether the situation is real or not. Criminals have become experts at impersonating those closest to you by exploiting your personal information available online. 


Tech support scams

If it ain’t broke, don’t fix it.

If someone claiming to be with a technology company contacts you and wants to diagnose a computer problem you didn’t know you had, or provide tech support you have not requested, stop! If you receive an unexpected pop-up or spam email about an urgent problem with your computer, stop! Scammers are likely using a nonexistent problem to obtain remote access to your computer or banking information.


Health care scams

Keep your stress levels low and be wary of calls, emails, or letters that promise big savings in your health insurance.

Cybercriminals will usually request your Medicare or health insurance information, social security number, or financial information. Not falling for these scams will give you a skeptical — but healthy — outlook on cyberspace.

Report a scam

To make a police report regarding a scam, call the University of Utah Police at 801-585-2677 and ask to speak with an officer. This request will create a call log, which will show the date, time, and nature of your complaint. After speaking with an officer, you will receive instructions on next steps.

2020 Cybersecurity Awareness Month 

Creating a cybersecure workspace — at home

Learn more

Why so many phishing attacks succeed

Learn more

Meet the computer forensics experts who investigate the U's cybersecurity incidents

Learn more

What to do when an abuser uses technology against you

Learn more

8 simple tips to improve your online safety and security

Learn more 

CSAM Scavenger Hunt

Play along!

Join the conversation on Twitter! Follow @uofu_iso.

Follow us!

Do you think you were phished?

If you receive a phishing attempt through a university email account or cannot tell whether an email is legitimateplease forward the email as an attachment to

  • If you are unsure how to forward a message as an attachment, use a search engine (e.g., Google) to find instructions for your email client.
  • If you use UMail Outlook Web Access (OWA), compose a new message, then drag and drop the email to forward it as an attachment into the body of the new message. Access this vendor support website for more information.

If, by accident, you click on a questionable link and enter login credentials, immediately go to the Campus Information Services portal ( and change your password. In addition, contact ISO's Security Operations Center at to notify information security staff.

If you need further assistance, please contact your cognizant central IT help desk:

  • Main Campus UIT Help Desk: 801-581-4000, option 1
  • University of Utah Health ITS Service Desk: 801-587-6000
Last Updated: 3/17/22