College of MedicineNewsBusiness OperationsNew Year, New Scams: Stay Alert to Phishy Activity

New Year, New Scams: Stay Alert to Phishy Activity

Person using a smartphone and laptop.

Washington State University’s Information Security Services team has observed an increase in malicious phishing campaigns that are actively targeting WSU users. These include scammers posing as benefits and retirement services professionals to solicit personal information and using AI tools to create targeted attacks.

Protect Your Information

WSU will never request sensitive, personal, or confidential information through email, text message, phone call, or other forms of communication. If you receive any communication asking for this type of information,please report it to abuse@wsu.edu as soon as possible.

To keep your information safe, please remember the following:

  • Passwords: Should only be entered at official WSU login pages. Never share the password to your WSU account via email, web forms, text messages, phone calls, or other methods.
  • MFA Codes or Requests: Should always remain private. Never share verification codes with others. Only approve multi-factor authentication (MFA) push notifications if you are actively signing in to a WSU resource.
  • Personal Details: Should always remain private. This includes banking information (credit or debit card numbers, checking account numbers, etc.), home address, phone number, and similar private data.

Recognizing Phishing 

The following indicators can help you recognize common phishing attempts from cyber attackers posing as WSU organizations or people:

  • Urgency and Pressure: Attackers manipulate emotions by creating panic or urgency and using short deadlines or ultimatums to push you into acting quickly.
  • Requests for Action: Attackers always ask you to complete an action, such as clicking a link, opening an attachment, or sharing confidential information.
  • Too Good to be True: Attackers often promise unrealistic objects, prizes, opportunities such as employment, or financial rewards.
Can You Spot Phishing? Test Your Skills

Report Suspicious Activity

Always report suspicious messages or communications to abuse@wsu.edu as soon as possible. 

Information Technology Services thanks all WSU users for staying alert and taking necessary precautions to protect personal and university data, systems, and services.