GW Information Technology (GW IT) is investigating reports of scam emails regarding GW benefits information with a link to a fake GWeb (Banweb) site that instructs recipients to login using their GWID and PIN. Logins to the fake site may allow hackers to harvest user credentials. Impacted users have been notified.
As a cautionary measure, GW Information Security recommends that recipients who may have logged into the fake site should change their PIN and verify all the information on their profile, especially bank accounts for direct deposit, addresses, and security questions are correct.
To change your PIN, follow these steps:
- Log into the GWeb Information System using the appropriate button on the GWeb page.
- Once you are logged into the main GWeb menu page, click on the Personal Information Menu tab at the top of the page and select Change PIN.
- You will be prompted to enter your old PIN number and then enter and re-enter your new PIN.
As a reminder, with the implementation of GWeb Single Sign-On Phase 2, all current GW students, faculty, staff and alumni as of May 2019 now log into GWeb (Banweb) using their GW email ([email protected]) and password, not GWID and PIN. Single Sign-On uses GW’s two-factor authentication security protocol and should prevent unauthorized logins to GWeb (Banweb).
GW IT continues to take proactive measures to keep our campus community safe. GW students, faculty and staff should ignore such requests for information and report any suspicious electronic communication to [email protected].
Protect your information!
Always be wary of messages requesting account verification, confirmation or upgrade, payment or personal information such as your passwords, GWID, Social Security number or credit card information.
Universities are frequently targeted by malicious actors who will attempt to acquire personal information about you and other members of the university community through email and over the phone. Please be aware that these attempts often seem legitimate.
Ask questions, trust your instincts, and if things seem off, don’t be afraid to take a message and follow-up later. Attackers will frequently use a sense of urgency to prompt the victim into making a risky decision.