Alerts

The Washington State Office of Cybersecurity is warning folks to be cautious when shopping this holiday season.  Some important tips include:

• If you're shopping online, do it from home (not a coffee shop or other public network).
• Beware of deals that seem too good to be true, especially if the web address looks a little off (like "www.amaz0n-deals.xyz").
• Ignore those fake "track your package" emails and texts from scammers.  Only use the link from the actual online order to track your shipments.
• Remember to use strong passwords, shop with known/trusted retailers, and always use MFA if the option exists!

For more tips on staying safe online, check out the National Cybersecurity Alliance: Online Safety and Privacy Resources - Articles - National Cybersecurity Alliance

Welcome to Western!  Whether you are a new student or a returning learner, you have a lot to juggle as the new year begins.  And that means it's the perfect time for bad actors to try to scam you with fake job scams, financial aid scams, fake emails from "Your IT Department" and a myriad of other threats.  To learn more about staying safe online as a college student, check out this article from the National Cybersecurity Alliance.  And remember -- Western faculty and staff are here for you, so if you need help, please ask!

Students are being targeted with scam emails from GMail addresses -- Bank Mobile refund scams, fake job scams, and fake "IT Department" messages.  If you receive these emails, delete them.  WWU and its partners like Bank Mobile will never send you official communication from a gmail.com email address.  If you were tricked by the emails, please contact the ATUS Help Desk at helpdesk@wwu.edu or 360.650.3333 to have your account secured.

Scammers are targeting WWU users with emails from a free file sharing site called transfer.it.  If you receive an email from transfer.it that you were not expecting, please delete it.  Do not click the link or download the files that have been shared with you, as they are likely malware.

Exercise caution before installing free apps from the internet.  Apps that appear safe, like Doc-to-PDF converters, may contain malware that can hijack your web browser, steal your passwords, and redirect you to malicious websites.  If you need software to perform a particular action, please contact the Help Desk or Software Services for advice before downloading anything -- an officially-supported Western option may be available.

WWU has received thousands of malicious emails in the last two weeks from multiple Gmail addresses claiming to offer a BankMobile Financial Aid refund.  These emails contain Word documents with a link to a web form designed to steal your username and password.  

WWU will never send you official email about your financial aid from a Gmail address.  If you receive these emails, please report them as Phish following the instructions here: Phishing: How to Protect Yourself from Fraudulent Emails | ATUS | Western Washington University.

If you fell for this scam and were tricked into giving up your username and password, please contact Information.Security@wwu.edu for assistance.

Western has been receiving phishing emails asking you to "validate active accounts" or saying you have two different logins and you need to reconcile them.  NEVER respond to such emails.  Someone is trying to steal your username/password  Instead, go the the ATUS website and follow their directions to change your password.  You may also receive phishing emails from internal users who have had their accounts compromised.  See the images below.

Original Google doc page from a link inside of an external phishing email:

Phishing emails from legitimate internal users:

Western has been receiving robo phone calls from a spoofed Western phone number.  This means that though the call originated outside of Western, it appears to be from Western.  The number we are currently seeing is (360) 650-7929, but this may change over time.  There is not much Western can do to prevent these calls at this time, so your best strategy is to decline the call and let it go to voice mail.

Western has been receiving phishing emails from compromised SharePoint and OneDrive sites, saying someone has shared a file with you.  Unless your are expecting a file to be shared with you, and know the person sharing the file, do not try to open it!  You may be prompted to enter your credentials, and your identity will be stolen.  Please also sign up for multi-factor authentication to better protect your identity.

Western has been receiving a large number of "pet sitting" scam emails.  If someone sends an offer of a pet sitting job, even if it appears to be the email address of a Western community member, it is likely to be malicious.  Below is an example of one sent 11/30/2021: