Last Updated: Tue, 05/17/2022 - 10:09
Status: Active Severity: Major

Western has been receiving phishing emails asking you to "validate active accounts" or saying you have two different logins and you need to reconcile them.  NEVER respond to such emails.  Someone is trying to steal your username/password  Instead, go the the ATUS website and follow their directions to change your password.  You may also receive phishing emails from internal users who have had their accounts compromised.  See the images below.

Original Google doc page from a link inside of an external phishing email:

Phish to Google Doc


Phishing emails from legitimate internal users:

Phish from internal compromised user


Last Updated: Wed, 03/09/2022 - 10:57
Status: Active Severity: Minor

Western has been receiving robo phone calls from a spoofed Western phone number.  This means that though the call originated outside of Western, it appears to be from Western.  The number we are currently seeing is (360) 650-7929, but this may change over time.  There is not much Western can do to prevent these calls at this time, so your best strategy is to decline the call and let it go to voice mail.

Last Updated: Tue, 12/21/2021 - 17:39
Status: Active Severity: Major

Western has been receiving phishing emails from compromised SharePoint and OneDrive sites, saying someone has shared a file with you.  Unless your are expecting a file to be shared with you, and know the person sharing the file, do not try to open it!  You may be prompted to enter your credentials, and your identity will be stolen.  Please also sign up for multi-factor authentication to better protect your identity.

Image removed.

Last Updated: Tue, 11/30/2021 - 12:58
Status: Active Severity: Major

Western has been receiving a large number of "pet sitting" scam emails.  If someone sends an offer of a pet sitting job, even if it appears to be the email address of a Western community member, it is likely to be malicious.  Below is an example of one sent 11/30/2021:

Pet sitting scam email
Last Updated: Wed, 09/15/2021 - 17:30
Status: Active

Western users have been receiving many emails sent from Google, SharePoint and OneDrive that contain links to files infected with malware.  If you click on the links, your workstation may be infected with malware and your credentials (username/password) may be leaked to the hacker.  To protect yourself, do not click on a link unless you are expecting a file and know the sender.  Below is an example of an email with a malicious sharing link.

Malicious email image
Last Updated: Fri, 07/30/2021 - 16:46
Status: Active

Western's Information Security Office (ISO) has found several personal devices on our network being used for cryptocurrency mining.  According to the federal Cybersecurity and Infrastructure Agency, "Cryptocurrency mining, or cryptomining, is the way in which cryptocurrency is earned. Individuals mine cryptocurrency by using cryptomining software to solve complex mathematical problems involved in validating transactions. Each solved equation verifies a transaction and earns a reward paid out in the cryptocurrency."  

Cryptomining takes enormous compute power.  To earn money, malicious actors have developed malware that can infect your system and use it for cryptomining unbeknownst to you (cryptojacking).  You may find your system performance degraded, your system crashing, or hardware components failing.  To ensure you are not a victim, make sure you take the normal precautions of keeping your system patched, ensuring up-to-date malware protection software is installed, and never clicking on links in emails unfamiliar to you.  Also, sign up for Western's multi-factor authentication (MFA).

Lastly, realize that if you are purposely cryptomining at Western, you are violating our Computer Use Responsible Computing policy.

Last Updated: Wed, 09/15/2021 - 17:32
Status: Active

Western has been experiencing retirement scam emails.  Be aware that any information about retirement should come only from Western HR.  Please contact the Washington State Department of Retirement Systems directly if you have any questions about your retirement.

Retirement Scam Image