The Internet Crime Complaint Center (IC3) has issued an alert addressing a spear phishing scam targeting university employees and their payroll accounts.
Employees should understand they may be a target of this scam and are encouraged to review the IC3 Alert for details.
Scammers are using fraudulent emails and websites to entice employees to reveal login credentials. As a result, these scammers are able to steal employee paychecks and log in to other university systems.
If you receive an email that looks suspicious, even if you know the source, before taking any action, forward the suspect messages to firstname.lastname@example.org. The OCIO Enterprise Security team will analyze it.
Employees can also refer to Security Tip ST04-014 for ways to avoid becoming the victim of similar phishing attacks.