Steps to Take

Job Scams and other contact with fraudsters and bad actors

What to do if you clicked, replied, or shared information

Depending on what happened, you may need to follow some or all of the steps below. Acting quickly can limit harm and help protect others.

If you believe you interacted with a scammer, such as responding to a fake job offer, clicking a link, opening a document, or sharing information, take the following actions.

1. Stop Contact Immediately

   • Stop all communication with the scammer

   • Do not reply to messages, click links, or open attachments

   • Do not try to “fix” the situation by continuing the conversation

Continuing contact increases risk once a scammer knows you are responsive.

2. Secure Your Accounts (Change Passwords)

Change passwords immediately for any accounts that may be affected, especially:

2. • Email

   • School or work accounts

   • Social media

   • Financial or shopping accounts

If you reused the same or a similar password anywhere else, change those too.

Important:
If you save passwords in your browser (Chrome, Edge, Firefox) and your email or Google/Microsoft account was compromised, assume all saved passwords are compromised. A bad actor may have copied them.

3. Enable Multi‑Factor Authentication (MFA)

Turn on MFA wherever it is available.

3. • Authentication apps or hardware tokens are more secure than SMS

   • Use SMS only if no other option exists

Reminder:
No one from IT or the Help Desk will ever ask for your password or MFA passcode.
Never approve a login attempt you did not initiate.

4. Report the Scam or Fraudulent Content

Reporting scams helps protect others and creates a record if further action is needed.

4. • Email, forms, files, or messages:
     Platforms like Google and Microsoft make it relatively easy to report fraudulent content using built‑in tools. Use those options whenever possible.

   • Other platforms:
     Some services make reporting harder, but it is always worth reporting. Reports help identify patterns, protect others, and support potential investigations.

   • If an organization is being impersonated:
     Look up the organization’s official website and report the scam using their published fraud or security contact.
     Do not use contact information provided by the scammer.

   • If HCC email or systems were involved:
     Report the message to the HCC IT Help Desk or your supervisor.

If you’re unsure where to report, the Help Desk can help.

5. Contact Your Bank or Credit Card Company Safely

If you shared financial information, deposited a check, sent money, or entered payment details:

5. • Contact your bank or card issuer immediately using a known, trusted method

     1. Phone number on the back of your card

     2. Official website or mobile app you normally use

Be suspicious of follow‑up contact

Scammers may pretend to be banks or other official organizations.

5. • Do not reply to messages or calls

   • Do not click links or use phone numbers they provide

   • Make note of what they say, hang up, and then contact the organization yourself using an official channel

If the contact was legitimate, it can be confirmed that way.

6. Make Sure Your Devices Are Up to Date

Keeping devices updated is one of the most effective protections against malware.

6. • Ensure the operating system on all devices you used is fully up to date

   • Apply security updates and patches promptly

Antivirus or anti‑malware scans can be helpful, but not all operating systems support traditional scanning, and scans alone are not sufficient. Modern devices rely heavily on OS‑level protections and updates.

If your device behaves unexpectedly or you’re unsure it’s secure, contact the Help Desk.

7. Monitor Accounts and Credit

Continue monitoring for suspicious activity.

7. • Review bank and credit card statements

   • Watch for unusual logins or account changes

   • Check your credit report for unfamiliar activity

You may also consider placing a free credit freeze or adding a fraud alert with the major credit reporting agencies.

8. Report Financial Loss or Identity Fraud

If you lost money, deposited fraudulent checks, or provided sensitive personal information:

8. • Contact your local law enforcement agency

   • File reports with appropriate fraud or cybercrime authorities

   • Save emails, messages, screenshots, and receipts

These records may be needed later.

9. Learn, Pause, and Share

Scams rely on urgency, pressure, and trust.

9. • Learn about the warning signs and types of scams

   • Be suspicious by default—do not assume inbound messages are legitimate

   • Pause before responding, clicking, or sharing information

   • Verify requests using known, trusted contact methods

Share your experience with friends, family, classmates, or colleagues.

Scams thrive on silence. Awareness helps protect everyone.

This site is available to anyone. Tell your friends.

When in Doubt

If something feels off, stop and verify before taking action.

Think before you click. Attackers want your credentials and personal information.