As we push further and further into tax season 2017, tax-related fraud and phishing scams are occurring more and more frequently. Some of the most common scams involve hackers attempting to steal employer W-2 information (either to collect Social Security Numbers or to file fraudulent returns. Click here to read more).
Several major organizations are at risk for falling victim to this type of wide-reaching scam. In this, Augusta University is no exception.
Shakeel Khan, manager of IT Security Risk and Compliance, said the key is to recognize an attempt and report it immediately.
“As we are seeing more and more phishing scams, impersonators are becoming smarter by coming up with ideas to fool others and get as much information out of the victims as possible,” Khan said. “It’s our responsibility to be vigilant in forwarding any red flags to to the property security channels.”
Khan noted that there are a number of “red flags” associated with phishing attempts to be mindful of.
Rushing: Rushing is the term used to describe an attempt that hopes to get information fast without being scrutinized for recognizable flaws. Examples of Rushing include emails containing poor grammar, illogical sentences or sentence structure, and vague or nameless greetings.
Asking for Private Information: In some cases, hackers will ask directly for personal or sensitive information, usually impersonating either an organization’s CEO or the head of a department in hopes of intimidating a response. If you believe a request for sensitive information may have come from a fraudulent source impersonating a university or health system employee, inquire either in person or over the phone (using the contact information listed on an official Augusta University webpage) with the individual sending the request. If you find the request was not made by the individual in question, forward the email to firstname.lastname@example.org
URLs or Email Attachments: Intruders are often skilled at making URLs and email attachments look legitimate. A good rule of thumb is to treat all external email sources a degree of caution. Being vigilant and understanding the tactics of phishing scams can go a long way toward preventing a successful attempt.
Insistence on Using Email: No Augusta University or Augusta University Health faculty or staff member will ever inquire about your W-2 via email. If you receive an email requesting personal information, please forward it to email@example.com
If you feel that you or a colleague may have fallen victim to a phishing scam, contact the IT Help Desk at 706-721-4000 immediately and forward any and all suspicious emails to firstname.lastname@example.org.
Remember, above all else: Don’t click any suspicious links.