SECURITY NOTICE: Phishing E-mails and Potential Payroll Direct Deposit Fraud

Please be advised that we are experiencing increased phishing e-mail attempts from external sources which appear to employees as a notice from our Emory payroll departments regarding their pay, or a potential pay increase.

Our payroll departments do not issue such notifications or information via e-mail, and any pay increases are communicated to employees by their direct supervisor. Employees who have clicked on the links contained in these messages have been taken to a convincing copy of Emory's PeopleSoft or other login pages. In some cases, this fake login page has even requested bank account information. At no time will Emory ever request banking information from you on a login page, or via e-mail. If you receive an e-mail of this nature, please forward a copy to abuse@emory.edu.
In general you can ask yourself these questions to determine if an email you receive is phishing or not:

1. Did it come from a sender that you would expect to send you such a message?
2. Do links in the email go to a webpage that you would expect, such as a valid emory.edu site? Even if the link looks OK in an e-mail, it may be fake. You can often see where a link goes by putting your mouse over it and looking at the pop-up text. On a smart phone you can generally long press on a link to display the URL of the site that it will take you to.
3. Is the e-mail asking you to take urgent action to avoid some unrealistic negative consequence?
4. If you're ever in doubt, stop, and ask your local IT support, or contact the department that the message appears to be from.

Below is an example of one of the fraudulent login screens. This is only an example, and not all fraud attempts will look the same. Notice that the URL below does not belong to Emory, and the additional bank account number field.