Alerts
Instructure Canvas Learning Management System was involved in a data breach in April 2026. WWU was among the schools whose data was exposed in the breach. For more details, see Canvas Security Incident | Information Security Office.
Western employees have received a steady flow of phishing emails the past week, including fake DocuSign emails, fake voicemail notifications, and fake IT alerts about a full mailbox or needing to change your password. These emails usually have a "from" address that matches the recipient's address. If you receive one of these emails, you can report it as phish in Outlook by following the instructions on ATUS's website here: Reporting Phishing Email | ATUS | Western Washington University
Beware of unsolicited text messages claiming to be from WWU HR. HR will never send a text message to your personal cell phone claiming to have a "compensation update" for you.
The Washington State Office of Cybersecurity is warning folks to be cautious when shopping this holiday season. Some important tips include:
- If you're shopping online, do it from home (not a coffee shop or other public network).
- Beware of deals that seem too good to be true, especially if the web address looks a little off (like "www.amaz0n-deals.xyz").
- Ignore those fake "track your package" emails and texts from scammers. Only use the link from the actual online order to track your shipments.
- Remember to use strong passwords, shop with known/trusted retailers, and always use MFA if the option exists!
For more tips on staying safe online, check out the National Cybersecurity Alliance: Online Safety and Privacy Resources - Articles - National Cybersecurity Alliance
Welcome to Western! Whether you are a new student or a returning learner, you have a lot to juggle as the new year begins. And that means it's the perfect time for bad actors to try to scam you with fake job scams, financial aid scams, fake emails from "Your IT Department" and a myriad of other threats. To learn more about staying safe online as a college student, check out this article from the National Cybersecurity Alliance. And remember -- Western faculty and staff are here for you, so if you need help, please ask!
Students are being targeted with scam emails from GMail addresses -- Bank Mobile refund scams, fake job scams, and fake "IT Department" messages. If you receive these emails, delete them. WWU and its partners like Bank Mobile will never send you official communication from a gmail.com email address. If you were tricked by the emails, please contact the ATUS Help Desk at helpdesk@wwu.edu or 360.650.3333 to have your account secured.
Scammers are targeting WWU users with emails from a free file sharing site called transfer.it. If you receive an email from transfer.it that you were not expecting, please delete it. Do not click the link or download the files that have been shared with you, as they are likely malware.
Exercise caution before installing free apps from the internet. Apps that appear safe, like Doc-to-PDF converters, may contain malware that can hijack your web browser, steal your passwords, and redirect you to malicious websites. If you need software to perform a particular action, please contact the Help Desk or Software Services for advice before downloading anything -- an officially-supported Western option may be available.
WWU has received thousands of malicious emails in the last two weeks from multiple Gmail addresses claiming to offer a BankMobile Financial Aid refund. These emails contain Word documents with a link to a web form designed to steal your username and password.
WWU will never send you official email about your financial aid from a Gmail address. If you receive these emails, please report them as Phish following the instructions here: Phishing: How to Protect Yourself from Fraudulent Emails | ATUS | Western Washington University.
If you fell for this scam and were tricked into giving up your username and password, please contact Information.Security@wwu.edu for assistance.
Western has been receiving phishing emails asking you to "validate active accounts" or saying you have two different logins and you need to reconcile them. NEVER respond to such emails. Someone is trying to steal your username/password Instead, go the the ATUS website and follow their directions to change your password. You may also receive phishing emails from internal users who have had their accounts compromised. See the images below.
Original Google doc page from a link inside of an external phishing email:
Phishing emails from legitimate internal users:
