Security Tip of the Week

Watch Out for Holiday Scams into the New Year

November 28th, Tip of the Week  | What can you do to prevent becoming a victim of holiday scams?


  • Think before you click! Never click on links from unexpected or suspicious sources. Instead, contact your bank and other vendors directly rather than responding to a questionable email, phone call, or text message.
  • Beware of deals that are too good to be true. Offers on websites and in unsolicited emails can often sound too good to be true and they often are, especially extremely low prices on hard-to-get items.
  • Use unique, strong passwords across all accounts, and enable multi-factor authentication wherever possible.
  • Monitor bills, bank statements, credit reports, and retailer accounts to check for any unusual activity that might indicate fraud, identity theft, or if someone else has access to your account.
  • Be careful when posting on social media as always. Oversharing or even worse, sharing personally identifiable information (PII) can provide cybercriminals with clues to answer your security questions or craft believable, targeted scam messages.

Attacks Using QR Codes are on the Rise

November 15th, Tip of the Week  | Phishing scams that encourage users to scan fraudulent QR codes have seen a 51% increase throughout the current year. The threat actors are using QR codes embedded in images to bypass email security tools that scan a message for known malicious links. This has opened up a new attack vector, allowing these phishing messages to reach your inbox. The messages are being sent with a sense of urgency such as: Microsoft Final Warning: Security Authentication for {university name}

Most QR code scanners on modern smartphones will ask you to verify the destination URL before launching the browser as a protective step. You should always check the URL before proceeding. More importantly, never scan a QR code from an unsolicited email. When in doubt, you can always contact the ITS Helpdesk at X4357 or for assistance.

Beware of the Mobile Deposit Scam

November 1st, Tip of the Week  | The hoax is initiated through phishing messages found in emails and on social media. The goal of this particular scam is to get a conversation started with the victim that leads to an offer of employment. The scammer then sends a fake check ($2,807 for example) via PDF attachment and asks the victim to cash the check using mobile deposit to cover future travel and supplies. This seemingly legitimate payment often then comes with a vague request to immediately return a certain amount, but not all, via certified funds like a cashier’s check or money order, wire transfer, or to purchase gift cards. Once the criminal receives the “overpayment” from the victim, there’s no opportunity to get the stolen money back.

If you receive a suspicious message in your W&L email account, be sure to use the Phish Alert Button to report it. If unsure, you can always contact the ITS Helpdesk at X4357 or for further assistance.

Project Workday

Workday Training Site

Workday Login


Information Technology Services

ITS Dashboard


W&L Logo

204 W. Washington St.

Lexington, VA 24450

(540) 458-8400