Phishing Scams - Don't Get Caught!

Phishing is a type of online scam that uses false emails, forms and websites to collect personal information for identity theft. Such information can include usernames, passwords, Social Security numbers, credit cards and other information. Many of these scams appear legitimate but should be avoided and reported to [email protected].

Detecting a Phishing Scam

Phishing messages are designed to look like official correspondence and can be very difficult to detect. However, one thing that may indicate a message is malicious is if it asks for personal or financial information. A phishing email may ask you to visit a link that appears to go to a legitimate site but actually sends you to a malicious site or webform designed to steal your account or personal information.

To avoid phishing scams and to help prevent these attacks at GW, please follow these important guidelines:

  • Always be wary of emails and ads from unknown senders or messages requesting account verification, confirmation or upgrade, payment or personal information such as your passwords, GWid, Social Security number or credit card information. Be wary of any unexpected or unsolicited attachments.
  • Never plug in a USB stick into a GW-issued computer unless it is a GW-issued USB or from an otherwise trusted source
  • Please ensure that your computer is patched with the most recent operating system updates.
  • The Division of IT recommends not using the same password for multiple accounts.

Don't Get Caught

Never reply to an email with your password, GWid or PIN. Always hover over links to verify them before clicking. If you have any questions about the validity of a link you see or a message you receive, please forward it to [email protected] or contact the IT Support Center at 202-994-GWIT (4948) or [email protected]