As a student you MUST use your Simmons email. WHY?

  • Your professors will email your assignments and announcements to this email address.
  • We will email you important information about billing and registration.
  • If you qualify for a special scholarship, we will email such notices to you.
  • To function in the world today, you must use and read emails.We will send notices to your personal (non-Simmons email) ONLY for the purpose of helping you set up your Simmons email.


NEVER USE THE SAME EMAIL FOR YOUR BANKING THAT YOU USE FOR YOUR REGULAR MAIL. Why? If someone hacked your email, they could zap up all your money.

NEVER GIVE YOUR PERSONAL PASSWORDS TO ANYONE ELSE. That gives them control over your business and your life. Okay, if you parents pay all your bills, they should have your passwords.

WHEN CHECKING YOUR PERSONAL EMAIL AT A PUBLIC Wi-Fi, Be sure to log out of your web mail. Anyone coming behind you would see and have access to all your records.

BE CAREFUL WHAT YOU DOWNLOAD. A top goal of cyber criminals is to trick you into downloading malware—programs that try to steal information. This malware can be disguised as anything from a popular game to something that checks traffic or the weather.


Share these tips with your friends, parents, and grandparents.

SIMMONS COLLEGE WILL NEVER ASK YOU TO GO BUY GIFT CARDS AND PHONE OR EMAIL THE NUMBERS. Your relatives will not do this either, even if they are traveling out of town.

PAY VENDORS THROUGH PAYPAL. It’s easy to get a Paypal Account, which has dual levels of security and prevents vendors from knowing your personal credit card information. With Paypal you can easily send Money to family and friends, and pay your bills and shop online with greater security.

MASKING: Clever thieves will send an email that looks real: It might say, which looks authentic but is not a Simmons address. It might even say it’s from an actual Simmons email, but when you hit reply, it says

[mailto:]. People will impersonate others to trick you and con you out of your money.

THE NIGERIAN PRINCE – YOU’VE WON THE AUSTRALIAN LOTTERY SCAM. If you get an email asking to use your bank account to deposit money, that is a scam, no matter how great it sounds. There are many variations of this scam. Here’s how it goes: they deposit a check in your bank account, you start spending the money, and then the check bounces. You will owe the bank huge fees for bouncing and over-drafts. The thief is from another country and cannot be found.

THE IRS SCAM: If you get a phone call or email saying you owe the IRS and they are going to garnishee your bank account or arrest you unless you call them now and pay up, it’s a scam. The IRS only sends bills through written mail. It uses email only if you have signed up with them for that.

YOUR BANK CALLS AND ASKS FOR YOUR PASSWORD SCAM. Many elderly people fall for this scam. No bank officer will ever phone you and ask for your password to your account, to verify your social security number, or your debit card pin number. It’s a thief.

We live in an electronic age. You have to be savvy on the internet just as you would be walking alone down a dark street at night. Here are some links to learn more:

Did you know that young people ages 20-29 more often fall for scams than those over 70?


Don’t click on links in spam, unexpected or suspicious emails.

Never open attachments in emails from someone you don’t know. Cybercriminals often distribute fake email messages that closely resemble email notifications from an online store, a bank, the police, a court, or a tax collection agency. They lure recipients into clicking on a malicious link that will release the malware into their system.

Be aware that any account can be compromised, and malicious links can be sent from email and social media accounts of friends, colleagues or an online gaming partner. If an attachment you’ve received from a contact seems suspicious, it’s better to ask the sender about it on a trusted channel, such as a phone call.

Avoid sharing personal data.

Cybercriminals planning a ransomware attack will try to gather your personal data in advance, so as to make their trap more convincing. They will do so, for instance, through phishing emails targeting you specifically.

  • If you receive a call, text, or email from an untrusted or unverified source that asks for personal information, don’t provide it. Always confirm the contact’s authenticity.
  • If you are contacted by a company asking for information, ignore the request. Instead, contact the company independently, via the contact details on its official website, to verify whether this request is genuine.

Be meticulous with sensitive data.

Sensitive data must be treated differently from day-to-day data.

  • Store pictures, business documents, personal data, etc. on separate devices for longer-term storage.
  • Remove data when no longer necessary, such as temp files, browser histories, old pictures/texts, etc.
  • Ensure all accounts use unique and strong passwords to mitigate the damage if the credentials are released.
  • Update your passwords frequently, and consider using a password manager.
  • Also, consider storing sensitive files encrypted at the user level (beyond full-disk encryption).

Consider using multi-factor authentication on your important online accounts.

Multi-factor authentication (MFA) is an extra layer of security used to make sure that people trying to gain access to an online service (such as banking, email, or social media accounts) are who they say they are.

After you’ve entered your username and password, you will be required to provide another piece of information (second step). This information should be something that only you can access, for instance a code sent by text message, or a code generated by an Authenticator.

MFA is available on most of the major online services. While some of them will have it activated by default, in some others you will need to manually switch it on. Check out the security settings of your account (it could also be called ‘two-step verification’).

Be wary while browsing the internet and do not click on suspicious links, pop-ups, or dialogue boxes.

These are links you don’t recognize or don’t contain any words that make sense. Clicking on them might download malware to your systems, with the link often not leading to the intended website. If you aren’t sure, run the website through a search engine first to see if it really exists.

Browse and download only official versions of software and always from trusted websites.

If you are downloading something on your phone or tablet, make sure you use reputable sources and stores, like the App Store (Apple) or Google Play Store (Android). The best way to determine whether a website is fraudulent is to pay close attention to the URL. The domain name in the URL should match the name of the website. An HTTPS connection and displaying the padlock icon are signs of secure connection, but this doesn’t mean you can trust it.

Never connect unfamiliar USB sticks to your systems.

Don’t insert USB or other removal storage devices into your computer if you do not know where they came from. Cybercriminals may have infected the device with ransomware and left it in a public space to lure you into using it.

Use a Virtual Private Network (VPN) when using public Wi-Fi.

When you connect to a public Wi-Fi network, your device is more vulnerable to attacks. To stay protected, avoid using public Wi-Fi for confidential transactions, or use a secure VPN.

Ensure that your security software and operating system are up to date.

When your operating system (OS) or applications release a new version, install it. If the software offers the option of automatically installing updates, take it.

Do not use high privilege accounts (accounts with administrator rights) for daily business.

Admin rights allow users to install new software and control the way the systems operate. Perform daily tasks through a standard user account instead. This will help prevent harming your system if you click on a malicious executable file or if a hacker infiltrates the network.

Enable the ‘Show file extensions’ option in the Windows settings on your computer.

This will make it much easier to spot potentially malicious programs. Stay away from file extensions such as ‘.exe’, ‘.vbs’ and ‘.scr’. Scammers can queue multiple extensions to disguise a malicious executable such as a video, photo, or document (like hot-chics.avi.exe or doc.scr).

Turn on local firewall.

Turn on your local firewall to defend against unauthorized access.

  • On Apple devices: System Preferences > Security & Privacy.
  • On Windows devices: Start > Settings > Update & Security > Windows Security > Firewall & network protection.

Infected… What to do next?

  1. If you discover a rogue or unknown process on your machine, disconnect it immediately from the internet or other network connections (such as home Wi-Fi) — this will prevent the infection from spreading.
  2. Don’t pay the ransom. You will be financing criminals and encouraging them to continue their illegal activities. There is no guarantee that you will get access to your data or device, and you are more likely to be targeted again in the future.
  3. Take a photograph or a screenshot of the ransom note presented on your screen.
  4. If available, use antivirus or anti-malware software to clean the ransomware from your device. You may have to reboot your system into Safe Mode.
  5. Removing the ransomware will not decrypt your files, but it will let you carry out the following steps without new files becoming encrypted.
  6. If you had a backup, restore the information, and read our advice to prevent you from becoming a victim again.
  7. If you do not have a backup, visit to check whether your device has been infected with one of the ransomware variants for which we have decryption tools available free of charge. The information regarding the ransomware note will be useful in this process.
  8. Report it to your national police. The more information you provide, the more effectively law enforcement can disrupt the criminal enterprise.

1018 South 7th Street

Louisville, Kentucky 40203

(502) 776-1443

© 2023 Simmons College of Kentucky.

All Rights Reserved

Simmons College of KY has been approved to participate in the National Council for State Authorization Reciprocity Agreements.

None of the Simmons College of KY programs lead to licensure.

Simmons College of Kentucky is nationally accredited by the Association of Biblical Higher Education