A monthly Information Security publication for the WPI community.

This month's focus is on TAX and FINANCIAL AID SCAMS. Our thanks to Jessica Sabourin for partnering with us to bring you FAFSA and financial aid security info. And since Valentine's Day is coming up, we've added some Valentine specials!

In this issue:

  • Tax Scams
  • Financial Aid 
  • Learning with Laughter
  • From the CISTO
  • Meet Jessica Sabourin!
  • Valentine Specials for Your Devices, Zoom Meetings, & Romance Scams
  • Featured Videos
  • Financial Aid and Tax Scam News & Statistics
  • Diversity in Cybersecurity
  • Coming Next Month...

Tax Scams

Here are a handful of scams to watch out for during tax season; with additional details in the links below. If you come across one, report it using the Internal Revenue Service's (IRS) Report Phishing and Online Scams website.

  • Educational Institutions:  IRS-impersonators target .edu email addresses.  With the IRS logo and a subject line about the recipient's refund, this phishing email asks people to click a link and provide sensitive information. 
     
  • Text Message Impersonators: Do not trust any text messages claiming to be from the IRS. If the IRS needs to contact you, they will first try by mail.
     
  • False W-2 Form: Circulated on social media, this scheme encourages people using tax software to manually enter false income and withholding numbers in their W-2. The goal is to receive an exorbitant refund from the IRS.
Tax Scams & Consumer Alerts (IRS) Report Phishing and Online Scams (IRS)Avoid IRS Scams (NerdWallet)

Financial Aid

Using the official Free Application for Federal Student Aid (FAFSA®) is a secure way to apply for funds and share necessary tax information.

What is the IRS Direct Data Exchange (DDX)?

This tool allows you to consent for the exchange of tax information into your FAFSA, which enables FAFSA to retrieve income and tax data directly from the IRS. FAFSA applicants and contributors who indicate that they have filed their federal tax returns prior to completing their FAFSA may use the DDX process to complete their FAFSA.

Some families will not be able to use DDX if:

  • Parents of a dependent student file separate tax returns
  • Applicant’s parent changes marital status after the end of the tax year on Dec. 31
  • Applicant or applicant’s parents filed a foreign tax returns

Protect Your Identity When Applying for Aid

Reduce identity theft risk with these precautions:

  • Apply for federal and state aid using the FAFSA at the official website
  • After completing the FAFSA form online, exit the application and close the browser; any cookies created during your session will be deleted automatically.
  • Don't tell anyone your FSA ID username or password, even a person helping you fill out the FAFSA form.
  • Review your financial aid offers and keep track of the amounts you applied for and received. 
  • Never give personal information over the phone or internet unless you made the contact. If you have questions about an offer of aid or about your student loan account, ask your college or contact the Federal Student Aid Information Center.
StudentAid.govOnline FAFSA FormFederal Student Aid Login PageFederal Student Aid Information Center
Kermit the Frog looking at Evil Kermit. Evil Kermit text: "I'm telling FAFSA how much you spend on Fortnite."

FAFSA & Financial Aid Scams

Navigating the FAFSA and financial aid can seem daunting. Tricksters take advantage of this by offering their services for a fee, but you DO NOT have to pay for help to: 

  • Find money for college or Career School
  • Submit the FAFSA form
  • Apply for federal student loans

These links explain types of scams, note where you can find free assistance navigating the FAFSA and financial aid opportunities, and identify legitimate companies the Department of Education (ED) works with. The WPI Financial Aid team provides free guidance to enrolled WPI students.

WPI Financial AidAvoiding Student Aid Scams (studentaid.gov)How to Avoid Financial Aid Scams (Big Future)Avoid Scholarship and Financial Aid Scams (FTC.gov)

Student Loan Repayment Safety

Here are some tips about student loan repayment:

  • You DO NOT have to pay for help with your federal student loans.
  • Only work with loan servicers approved by the ED, listed on studentaid.gov.
  • Do not work with organizations that say you must act immediately to receive loan help.
  • Avoid working with anyone who makes promises that sound too good to be true, such as all your loan debt will be forgiven for a small fee. Most government loan forgiveness programs require years of payment or employment in a specific field before they're forgiven.
  • Do not tell anyone your FSA ID, even if they are helping you with your student loans.
  • Look for signs of phishing if you receive any unexpected communications about your student loans. Some phishing signs are typos in the email or sent from an email address that is similar to the legitimate one, but not exact. How to Avoid Student Loan Forgiveness Scams lists true email, text information and loan servicers used by ED.
Loan Servicers for the U.S. Department of Education (ED)How to Avoid Student Loan Forgiveness Scams (studentaid.gov)

Learning with Laughter 

Buzz Lightyear and Woody from Toy Story. Text says, "Scammers scammers everywhere." 

From the CISTO

What are phishing exercises and why do we conduct them?

Phishing tests are like an information security version of a fire drill. The practice email messages help recipients to be prepared when they receive communications from a malicious sender. The results help ITS identify how our organization is likely to react when a real phishing attack occurs, and how to further promote best practices.  The good news is that we also offer educational opportunities through KnowBe4 to learn how to be prepared for phishing!  

More about KnowBe4

Meet Jessica Sabourin!

Jessica is smiling against a gray background.

Jessica Sabourin, Executive Director of Financial Aid,  joined WPI in July 2019. 

She has over 16 years of higher education experience and leadership in various areas including enrollment, advancement, finance, and student accounts.

When not at work, Jessica enjoys spending time with her family, running, reading, traveling, and the beach.

Jessica's WPI Profile

Valentine Specials for Your Devices

February is known for romance, but don't forget that your favorite devices need some special attention too. 

Device TLC (help.wpi.edu)

Let Zoom Meeting Invitees Know You Care

While Zoom AI Companion, a generative Artificial Intelligence digital assistant, is set to “allowed” at the WPI Zoom account level, hosts and attendees have options! Hosts can activate or disable the Zoom AI Companion in their own account settings. Attendees receive a prompt announcing the host's intent to use AI Companion and can request it be turned off. AI can help where needed in Zoom, or be shut off where not appropriate.

More about Zoom AI Companion

Before You Say, "Be My Valentine"...

Unfortunately, fraudsters are out there to take advantage of your quest to find love online. In 2023, Massachusetts residents lost over $8.5 million to confidence and romance scams. The links below provide more details about how romance fraud happens.

Romance Scammers Are Targeting Younger People (The Penny Hoarder)Romance Scam Cost a Widow her Life Savings, Home, and Dogs (CBS News)Protect Yourself Against Romance Scams (DHS.gov)

Featured Videos

Learn more about avoiding  loan and tax scams from these short videos. 

Play It Safe: Protect Yourself From Student Loan Scams (01:15)Tax scams: What to watch for in 2025 (CBS)

Financial Scams in the News

According to Ryan Sherstobitoff, senior vice president of threat research and intelligence, "Nearly all major US banks faced third-party breaches, exposing serious weaknesses across our interconnected digital ecosystem." 

Nearly all of the top US banks were impacted by third party breaches last year (ITPro.com) 

In April 2024, the Impersonation Rule went into effect. This strengthens the Federal Trade Commission (FTC) tools to combat and deter scammers who impersonate government agencies, such as those who swindle money out of consumers seeking student loan debt relief.

FTC Announces Impersonation Rule Goes into Effect (FTC)

According to Experian, the top scams to watch for in 2025 are: artificial intelligence, imposter, and extortion that targets minors.

The Latest Scams You Need to Be Aware of in 2025 (Experian)

Student Loan Fraud By the Numbers

-FTC reimbursed a total of $4.1  million to 27,584 consumers in March 2024. These people paid Mission Hills Federal or their subsidiaries for illegal junk fees towards false loan forgiveness.

- In June 2024 legal action was taken against Panda Benefit Services and their aliases who bilked more than $20.3 million from consumers seeking student loan debt relief.

- Over $10 million was collected by Superior Servicing for student loan debt relief services that consumers never received. The FTC filed an injunction against them in December 2024.

FTC Sends More Than $4.1 Million in Refunds to People Who Lost Money to Student Loan Debt Relief Scheme (March 2024)FTC Stops Scheme that Bilked Millions out of Student Loan Borrowers (Dec 2024)

Diversity in Cybersecurity

Mary N. Chaney, Chairwoman, CEO, and President of Minorities in Cybersecurity

Mary is smiling, wearing a light purple, sleeveless dress with a park background.
Mary N. Chaney

Coming Next Month...

Careers in Cybersecurity 

  

Is there a cybersecurity topic that you would like to know more about? Please contact WPI Information Security using Get Support below.