Fake Form, Real Phish

Cybercriminals are targeting students and teachers by stealing their login information through phishing emails. These emails often contain an attachment with a QR code, instructing recipients to scan it to update contact information, check benefits, or apply for opportunities at their university.

If you scan the QR code with your mobile device, it leads you to a fake Google Form that requests your email address, password, and other sensitive data. Because Google Forms are commonly used in educational settings, the email appears convincing. However, any information entered into the form is stolen by cybercriminals to access your online accounts. You won't update your email address, apply for a job opportunity, or check your benefits—instead, your personal information is compromised.

Tips to Avoid Phishing Scams:

- Be cautious of QR codes in attachments, as they might direct you to malicious links designed to steal your information.
- Never open unexpected attachments. Always use your organization’s official web portal to check benefits, update information, or complete other tasks.
- Stay vigilant, as these scams may target anyone, not just students and teachers. Always be cautious before entering personal information or passwords online.