HR, Payroll and Benefits News

Protect Yourself from Phishing Attempts

Phishing is the use of email and fraudulent websites to lure people into disclosing personal identity information such as user names, passwords, Social Security numbers credit card and other financial information.

Although most “phishes” arrive via email, phishing attempts can also be in the form of phone calls, text messages and even in-person, such as in the case of someone engaging in face-to-face impersonation.

There are many ways that you can protect yourself from phishing attempts. It starts with awareness and following some simple strategies:

  1. Never disclose personal information, especially your usernames and passwords.
  2. Hover your cursor over hyperlinks to check the URL. Do not click a hyperlink until you verify that the URL is legitimate.
  3. Verify organizations, addresses and phone numbers by doing an internet search to confirm the validity of the sender.
  4. Look for these common signs of phishing attempts:
    • The message is unsolicited and asks you to take action revealing personal information.
    • The message has a “from” address that you don’t recognize.
    • The message has misspelled words or grammatical errors.
    • Messages that present a sense of urgency for your response should alert you.
    • A web site doesn’t have an “s” after “http//:” indicating it is not a secure site.

What to do if you Suspect a Phishing Attempt
If you suspect that you are on the receiving end of a phishing attempt, do not respond, open any links, or forward the message. Contact your local IT staff or Help Desk immediately for assistance.

Source: UW-Shared Services, Service Operations