Award Scams Target Faculty and Researchers

Faculty and researchers should be cautious of emails that promise unexpected awards or recognitions by organizations that can’t be verified. This type of scam especially targets those with published scientific or academic research papers.

How the scam works

These scams exploit the recognition and prestige associated with academic publishing, while financially benefiting the scammer.

Here's how it works:

• Bait: You may receive an email informing you that you are eligible for a "Best Researcher" award or similar prestigious-sounding recognition.
• Hook: The email will direct you to fill out a form, often requesting your contact information and CV for consideration. To mask the scam, these websites might use and hand off to various domains that could seem legitimate, but are not connected to actual organizations.
• Scam: The scammers’ real goal is financial gain, often by requesting a "shipping/handling fee" for delivery of the award, which is neither prestigious nor valuable and may never be delivered.

What to do (and not do)

To avoid being tricked by this type of scam, use these best practices:

• Be cautious: Be especially skeptical about award offers from unknown sources. If you receive such an email, do not click on any links or provide any information without verifying its legitimacy.
• Verify: Always independently research the organizations and potential awards. You can also contact your department chair or research office for assistance to verify senders.
  • Carefully check the email address of the sender. Phishing emails often use slightly altered or suspicious email addresses that may not match the supposed organization.
  • If you suspect a phishing attempt, use the Report Phishing button in Outlook or forward the email to phishing@stanford.edu.
• Do not provide financial information: Never provide credit card, bank account, or other financial details in response to these emails. Do not transfer funds to pay for shipping/handling or other seemingly administrative processes.

By being vigilant and following these guidelines, you can help prevent these scams from succeeding.

Various types of cyber attacks on the rise

Overall, the amount and the level of sophistication in cyber attacks are increasing, with AI being an important factor.

Here are a few traits of recent attacks that our Information Security Office (ISO) is flagging:

• Transactions and requests moving from email to over-the-phone
• Prompts to check your 2025 “Performance Evaluation Report” or similar
• Requests to pay shipping/handling and other fees for promised items
• Mimicking two-factor authentication (to increase appearance of authenticity)
• Multi-part operations, such as stealing a Stanford email address to use as the sender to members of other universities (to increase appearance of authenticity)

If you get emails, phone calls, or text messages that use these tactics, do not click or engage–report the attack.

Learn more or get help

• Learn how to recognize, report, and stay vigilant with the Stay Safe From Phishing Scams Guide.
• Opt into URL Defense to enhance your email security.
• Find more IT security news, resources, guides, policies, and education at security.stanford.edu
• Reach out to ISO to request help.