Although the IRS will not accept tax returns until Jan. 23, scammers are preparing to race you to file your return! All taxpayers, including members of the UD community, must be aware of scams and should protect themselves. Any taxpayer could be at risk of fraudulent returns being filed in their name. Scammers only need limited information—like your name, birthdate, and social security number—to file fake returns. If they file a fake return using your SSN, you will be blocked from filing your own tax return until you work with the IRS to resolve the matter.

Similarly, all taxpayers should watch out for phishing or phone scams in which imposters pose as the IRS and call or email demanding money. The IRS never calls or emails taxpayers about taxes owed or delinquent payments.

Finally, all UD employees who process HR or payroll data should watch out for suspicious emails requesting employees' W2 forms. Employees at many prominent companies have fallen for this scam and released employee W2 data—thereby revealing employee SSNs and confidential information to the scammers. Other universities are reporting that their HR staff are seeing this scam, too.

What can you do to avoid being a victim of a tax scam?

• File your taxes early. Scammers cannot use your SSN to file a return if you have already filed yours.
• Be wary of any communication requesting your personal information. Always verify the sender before responding or taking action, especially if they're asking for personal information. Consult the IRS Tax Scams/Consumer Alerts page for further information.
• Remember that the IRS will contact you by letter if there is a problem with your return. A call or email, especially a threatening one, is likely a scam.

This tax season, file early and be alert. If something looks or sounds fishy, report it to the IRS.

Take action! File your federal and state tax returns as early as possible.

Two-factor authentication (2FA) is a simple way to protect your UDelNet account and the information it contains. It helps block unauthorized access to your account by adding an extra layer of security to the traditional login process. Over the past year, the University has been adding 2FA protection to more services and accounts.

In early February 2017, 2FA will begin protecting online HR and payroll forms that employees use to transmit confidential information (bank accounts, SSNs, private contact information) and forms that students use to process certain financial aid transactions. By adding the requirement that people use 2FA to access these forms, the University is reducing the risk that students’ and employees’ financial accounts and personal information could be compromised. All UD employees are encouraged to sign up for 2FA before Feb. 6, 2017.

Over 10,700 members of the University community have signed up for 2FA protection. All UD graduate students are using 2FA, and we plan to have all undergraduate students using 2FA by January 2018.

Take action! Learn more about 2FA and enroll today.

Employees are the University's strongest asset. To cyber criminals, however, an organization's employees often represent the weakest link in the security chain. Your security awareness is essential to preventing our University and our community from being victimized by a cyber attack. Participating in regular security training helps raise your awareness of cyber threats and best practices to combat those threats, helping transform our community into a strong cyber defense.

Secure UD Training uses short, topical training videos to address key ideas in information security. These training videos can fit into a deskside lunch break or a brief break between emails. University employees are encouraged to complete Secure UD Training to better equip themselves to face cyber threats in their personal and professional lives.

If you have not already done so, we urge you to join your colleagues in creating a culture of security awareness at UD by completing your 2016 Secure UD Training. 2017 Secure UD training will launch in late February. Secure UD Training is refreshed annually to help the University community stay aware of current cyber threats so that each employee can play an active role in protecting our University and our community.

Departments can request Secure UD Training completion reports by emailing a request to secadmin@udel.edu.

Take action! Complete your Secure UD Training.

Many people overlook the importance of backing up files regularly—until they have a disaster and lose their work. Backing up your work also protects the integrity of your information in case of a drive failure. In addition, having a secure backup copy of your system is one of the best defenses against malware and ransomware infections. UD IT recommends backing up your personal and family systems with software like Code42's CrashPlan.

Anyone with an @udel.edu email address—students, staff, and faculty—can save 25% on one-year plans for Code42's CrashPlan for Home. For information about purchasing CrashPlan for Home for your personal and family computers, consult the Buy Personal page at the UD Computing Purchases website.

You can back up your UD files using Google Drive or by making sure your work files are stored on a departmental server that is backed up regularly. (Consult your departmental or college IT staff for more information. Departments can choose to enroll in UD IT's central backup service or may be running their own backup service.) In addition, UD IT staff are implementing a pilot Code42 CrashPlan deployment on select University-owned systems.

Take action! Visit the UD Buy Personal page for information about CrashPlan for Home!

The Secure UD Threat Alerts blog provides bulletins about cyber threats seen on campus, including phishing scams targeting the University community.

Take action! Stay informed by checking the Secure UD Threat Alerts blog regularly.