Information Services (IS) has received an FBI alert about a sophisticated phishing attack to harvest individual credentials for W-2 access. Phishing is fraudulent email that purports to be from a trustworthy source in an attempt to steal sensitive, personal information.
How the W-2 threat works
- The thieves use information from LinkedIn to identify employees.
- The thieves send a well-crafted phishing email disguised to resemble a message from the employer, which provides a link for an employee to download their W-2.
- These emails are directed to an employee’s personal email via LinkedIn, rather than directly to a Texas Children’s email account (unless you use your work email as a LinkedIn contact).
- The link directs the employee to an authentic looking website.
- After the employee enters his or her credentials, he/she is redirected to the actual paperless employee website.
- Because this scheme never passes through Texas Children’s servers, our Information Security team might not know about a problem until multiple employees are affected.
What should you do?
If you receive an email like the one described above, DELETE IT IMMEDIATELY. If you have questions about your W-2 statement at Texas Children’s, please contact Payroll Services.
Email security guidelines
Help protect Texas Children’s information security by heeding the following guidelines:
- What to do – If you receive an email from a source you don’t recognize, delete it immediately – don’t open it, forward it or respond to it
- Avoid links – Be especially cautious about clicking web links within email
- Pay attention to warning pages – IS identifies potentially questionable web sites with a warning page; if you see a warning page after clicking a link in an email, the site is most likely a phishing attempt (view the IS warning page)
- Business use only – Use your Texas Children’s email account for business communication only
- Learn more – Click here for more tips on protecting against spam and phishing
Information Services is dedicated to providing a secure, reliable technology environment. If you have any questions about information security or phishing email, please call the IS Service Desk at Ext. 4-3512.