A recent scam using fake Indiana government email addresses is prompting a broader warning to Hoosiers.

The messages claimed to involve unpaid tolls and tricked some people into clicking on links where their personal information could be stolen. Investigators traced the emails to a former state contractor’s account which should have been shut down.

Isak Nti Asare, executive director of the Indiana University Cyber Security Clinic, said the breach shows why Indiana must treat cyber defense as essential.

“Cyber security should always be a big thing for us,” Nti Asare emphasized. “Not because we’re reacting to news of incidents and attacks and vulnerabilities but rather just because understand that in order for us to thrive in the digital age as Hoosiers, we need cyber security.”

He added it was not just a contractor mistake; it reflects the need for stronger systems and better planning statewide.

Nti Asare pointed out cyber threats happen constantly, not just when headlines appear. He urged people to stop and think before responding to messages that feel urgent or unusual.

“If somebody bumped into you in the street and said, ‘Hey, give me your credit card details.’ You would go, ‘What?’ You’d say, ‘OK. Show me a badge. Do you have a warrant?'” Nti Asare explained. “We need to be as cautious as you would be in the physical realm, if not really much more, actually.”

Indiana’s attorney general urged people to report suspicious emails at IndianaConsumer.com. Experts recommended using multifactor login tools, freezing credit reports when needed and changing passwords regularly.