Email phishing scams to steal valuable personal information can be difficult to spot, as several Johns Hopkins employees discovered recently. An email that appeared to be from the institution's payroll department was sent to several hundred employees at the end of July. It led people to a website where they were asked to enter their login and password, and that was enough information for the scammers to change the employees' payroll information and steal their direct deposits.
"Nearly every day, members of the Johns Hopkins community are targeted by 'phishing' scams attempting to steal user names, passwords, and other personal information," said Heidi Conway, vice president for human resources at the university, and Bonnie Windsor, senior vice president for human resources for the health system, in an email to the Johns Hopkins community. "It is important for everyone to be vigilant about any email requests for information. These scams have become sophisticated in the way they mimic messages from our institution, luring you to a phony Johns Hopkins login page that appears legitimate."
As a precaution, HR/Payroll Shared Services has temporarily suspended employees' ability to make changes to their direct deposit information in Employee Self-Service. That department anticipates that the direct deposit functionality will be restored later this week, and employees should contact the department at 443-997-5828 if there is an immediate need to change direct deposit information.
Anyone who has entered his or her JHED credentials in response to any message suspected to be phishing should go to the Johns Hopkins portal immediately, click on "My Profile," and choose the "Change your password" link on the right side of the page. Once the password is changed, contact the Help Desk at 410-516-HELP to report the incident.
There are additional steps employees can take to protect themselves:
Look carefully at what a message is asking you to do and check the URLs of both the site sending the message and any sites to which you are being sent.
Never enter your password after being directed from an email that appears to be sent from Johns Hopkins. If you receive an email message in your Johns Hopkins inbox that you suspect is a phishing scam, do not follow its instructions; instead, forward the email to firstname.lastname@example.org and then promptly delete it.
Go into your JHED account on a regular basis to ensure all your information is updated so that you can be quickly contacted if necessary.
Check your bank account on payday to verify that your direct deposit has been received.
Call HR/Payroll Shared Services at 443-997-5828 immediately if you have any issues.
More information about these types of scams can be found on the IT@JH website.
Posted in Tools+Tech