Phishing Scams - Don't Get Caught!

Phishing is a type of online scam that uses false emails, forms and websites to collect personal information for identity theft. Such information can include usernames, passwords, Social Security numbers, credit cards and other information. Many of these scams appear legitimate but should be avoided and reported to

Detecting a Phishing Scam

Phishing messages are designed to look like official correspondence and can be very difficult to detect. However, one thing that may indicate a message is malicious is if it asks for personal or financial information. A phishing email may ask you to visit a link that appears to go to a legitimate site but actually sends you to a malicious site or webform designed to steal your account or personal information.

Don't Get Caught

Never reply to an email with your password, GWid or PIN. Always hover over links to verify them before clicking. If you have any questions about the validity of a link you see or a message you receive, please forward it to or contact the IT Support Center at 202-994-GWIT (4948) or

Recent Phishing Attempts

The Division of Information Technology (IT) has recently received reports of phishing scams targeting hospitals, health systems and their employees. These scams take the form of fraudulent emails directed towards hospital employees. The fraudulent emails contain links that installed Ransomware software that significantly affected operations by locking files on computers and enabling malicious software to spread. Another means of spreading malicious software is through infected files found on USB drives.

To avoid phishing scams and to help prevent these attacks at GW, please follow these important guidelines:

  • Always be wary of emails and ads from unknown senders or messages requesting account verification, confirmation or upgrade, payment or personal information such as your passwords, GWid, Social Security number or credit card information. Be wary of any unexpected or unsolicited attachments.
  • Never plug in a USB stick into a GW-issued computer unless it is a GW-issued USB or from an otherwise trusted source
  • Please ensure that your computer is patched with the most recent operating system updates.
  • The Division of IT recommends not using the same password for multiple accounts.

If you believe you have received a phishing email, please do NOT reply to it or click on any links. If you have already done so, please contact the IT Support Center immediately at 202-994-GWIT (4948) or

If you have any questions about the validity of a link you see or a message you receive, please forward it to