Winter Holiday Cybersecurity Tips

To: Campus Community
From: University Information Technology Services
Subject: Winter Holiday Cybersecurity Tips
Date: Dec 16, 2024

Shopping, travel and other distractions are at an all-time high during the winter holidays. Stay vigilant against scammers who may try to steal your money, access your devices or harvest your personal information or login credentials this season.

Six winter holiday cybersecurity tips:

  • If it sounds too good to be true, it is. Avoid ads for holiday deals or apps outside your phone's app store. Shop directly on trusted retailer websites.
  • Watch for fraudulent actors. Verify charities and stores before sending money.
  • Scammers want you to act, not think. Be cautious of "urgent" delivery or invoice messages that want you to click links or attachments. Never send pictures of yourself to someone you do not know.
  • Beware requests for money/gift cards or personal information. Verify sources before sharing money or personal information — legitimate ones will not ask for passwords or passcodes outside login portals. The university will never ask for login, password or other personal information via email.
  • Public Wi-Fi is not secure. Avoid logging in to accounts or shopping on public Wi-Fi. Use cellular data or a Virtual Private Network (VPN) for a secure connection.
  • Criminals are expecting you to be distracted. Set alerts on bank accounts and credit cards for large or international transactions. Use strong passwords and two-factor authentication on your financial accounts.

    On Dec. 16, employees and students were automatically enrolled in advanced NetID+ two- factor authentication features provided by Duo to enhance protection for university accounts. See additional tips for keeping your university accounts secure.

    Information and resources

    To protect your accounts and personal information, stay alert and informed! Visit the Information Security website and the Phishing Alerts webpage, to learn about the latest university-reported phishing scams. If you suspect that an email is a phishing attempt, forward the email as an attachment to phish@arizona.edu.

Resources for the Media