Beware of phishing attacks targeting your UW NetID password

This message is sent on behalf of Kelli Trosvig, Vice President for UW Information Technology and Chief Information Officer, to all UW students, faculty and staff.

The purpose of this email is to provide important information to help you protect your UW NetID password from phishing attacks.

How does phishing work?
Cyber criminals try to trick you into disclosing your login credentials, passwords or other personal data by sending email messages that create a sense of urgency. Be wary of any email that threatens negative consequences if you do not click on a link to login with your user name (e.g., UW NetID) and password. If successful, the cyber criminals will use the information obtained to access your personal financial information or University institutional resources.

A common example is a message claiming to be from your bank or IT department, warning that your account access will be shut off unless you click on a link and promptly validate your user name (e.g., UW NetID) and password.

Why does phishing activity increase during income tax season?
Each January, the University makes Wage and Tax Statements (Form W-2) available through the Employee Self-Service (ESS) website. Cyber criminals target employees in order to obtain their login credentials (e.g., UW NetID and password) and then download the employee’s W-2. They use the information to electronically file a fraudulent federal income tax return in the employee’s name. By changing the bank account number, the cyber criminals receive the refund.

What should you do if you receive a suspicious message?
* Do NOT click on any links in the message or respond to it.
* Send the suspicious message as an attachment to help @ uw .edu.

This information enables the University to investigate and to improve automated detection of phishing messages.

How can you protect yourself?
* Be skeptical about emails that seem urgent or threaten negative consequences if you do not act. Do NOT reply, click links or divulge personal information or login credentials.
* Learn more about phishing and view the infographic on the UW Office of the CISO Web page; search for (CISO) on the UW Homepage.
* Use anti-virus software on your computers and devices, and keep it updated. Sophos Anti-Virus Software is available free of charge to all UW students, faculty and staff; search for (SOPHOS) on the UW Homepage.

Note: Links were intentionally not included in this email.

If you have any questions or concerns, please contact help @ uw .edu

Back to Top