When Naya Dukkipati was a freshman at USC, she got an opportunity to earn some cash while doing something she loved.
Dukkipati, a math tutor since high school, received an online message from a mother seeking an algebra tutor for her son. The mother offered to pay in advance and quickly sent a check. Thinking she landed a new gig, Dukkipati deposited the payment into her new retirement account, but soon realized the mother had overpaid. Dukkipati paid back the difference to the mother.
It wasn’t until weeks later that Dukkipati realized she’d been scammed. The check she’d received was a fake. There was no son who needed Algebra help. And her retirement account was gone – shut down by her bank, which suspected her of fraud. Dukkipati lost about $2,000.
The scam became a turning point. Dukkipati, a student at the USC Price School of Public Policy, decided to gain technical skills and policy knowledge to address digital exploitation. She pursued a bachelor’s degree in Public Policy with a focus on Data Analytics, and another in Intelligence and Cyber Operations from the USC Dornsife College of Letters, Arts and Sciences.
“People know scams happen, but they don’t know how to respond to them.”
Naya Dukkipati
Now, she’s sharing that knowledge across campus. Dukkipati launched Project SafeWeb, a student-led initiative to educate students on how to navigate the internet safely to combat digital exploitation and cyber trafficking. The initiative is associated with Shift SC, a USC student club focused on socially responsible technology.
Funded by a $15,000 scholarship Dukkipati won from the Donald A. Strauss Foundation, the Project SafeWeb events across California include presentations on digital threats, law enforcement responses, and technology legislation, as well as workshops ranging from how to spot scams to tightening security on Instagram accounts. One recent event gathered 65 people, Dukkipati said.
“The importance of digital literacy is spoken about, but often in abstract ways,” Dukkipati said. “People know scams happen, but they don’t know how to respond to them. People don’t realize how sophisticated scams can be because of social engineering. Scammers know that people are naturally kind, so when you see someone’s trying to talk to you, your initial reaction isn’t necessarily to ghost them or question them.”
To help keep people safe online, we asked Dukkipati to offer a few digital safety tips. Her answers were lightly edited for length and clarity.
1. Don’t use the same password.
“A lot of people choose passwords that are easy to remember and use them across all of their accounts. But you should fully differentiate your passwords across your different platforms and accounts. At the very least, make sure your bank information is very different from the passwords you use for social media. Scammers will often start through social media, then find other information about you.”
2. Build complex passwords.
“You can test the strength of your password by searching for a password strength tool. That will tell you how easy it is for a computer to do a brute-force attack, a hacking method that uses a persistent, automated trial-and-error process to guess login credentials. Often, most people’s passwords would last, at most, an hour before the correct password is guessed. If you make a password correctly, though, you make sure that such an attack wouldn’t be successful. Students should also opt into a passkey, such as Face ID or Touch ID, if available because passkeys can’t be phished or leaked.”
3. Use a password manager.
“Password managers are encrypted, and USC offers a free one. It’s called 1Password. This is good to use, so you don’t have to be scared about remembering passwords.”
4. Meet someone suspicious? Look them up.
“There are websites like whois.com that offer Whois Lookup services, where you can search domain links. For example, if you’re worried that a job recruiting site isn’t legitimate, you can enter the link and it can tell you who registered that domain and when. If that domain was registered, say, just a few months ago, that might raise a red flag.”
5. Double-check that emailed link.
“People know they should be careful about clicking links in emails, but scammers can mask a link very easily to make it look legitimate. For instance, in Gmail, you can type a ‘title’ for a link, so scammers can make it look as if it’s a sophisticated link, like usc.edu. All you have to do is hover your mouse over the link and you can see if the title matches the actual link.”
