Cyber criminals are sending phishing email to universities to steal their employees’ direct deposit paychecks. This email attack has been employed on the campus of at least one Triangle university.
Protect yourself against cyber theft
- NEVER GIVE OUT YOUR UNITY ID AND PASSWORD. NC State IT personnel will NEVER ask you for this, EVER.
- Always access your employee information via the MyPack Portal link under Resources on the NC State home page.
- Look out for websites – both good and bad – that replicate the university’s single sign-on screen. (See Don’t Get hooked by Phishing!)
- NEVER open any email or attachment from someone you don’t know. If you’re not expecting it, don’t open it unless you verify it with the sender.
- ALWAYS hover over a link to verify its intended location. Never click on suspicious or unrecognized links in emails, including those from NC State.
- Activate Google’s 2-Step Verification to make your accounts and documents more secure.
If you get caught
If you believe you have responded to a phishing attack, do ALL of the following:
- Change your password immediately.
- Confirm your direct deposit information in the MyPack Portal.
- Delete any Gmail filters that may be redirecting your email.
- Phishing attacks against campus addresses are happening more often.
- These constant threats can be extremely damaging to you and the university.
- Forward any suspicious email with an ncsu.edu address to firstname.lastname@example.org or call the NC State Help Desk at 515-HELP (4357).