Security and privacy reminder from WVU Medicine IT: Protect your password as you would your banking information

The WVU Medicine Information Technology (IT) team has responded to several recent email phishing campaigns. The campaigns appear to be targeted toward individuals that are WVU Medicine employees or WVU Medicine associates. The criminal scammers’ goal is to obtain WVU Medicine user IDs and passwords.

What can you do to help protect yourself, our patients, and confidential business information? Take these steps: 

• NEVER enter your WVU Medicine user ID and/or password into any links or document portals sent to you via email.
• Call the email sender via phone to confirm the legitimacy of the email.
• If the sender did not send you the email, the sender’s email account may be compromised.
• Contact the WVU Medicine IT Help Desk (304-598-4357) to report any suspicious emails.

You are responsible for protecting your user ID and password, just like you protect your personal banking Information (e.g., routing numbers, accounts, credit card numbers). Consider this:

• You would not supply your banking information in response to an unsolicited email – even from a trusted colleague or friend.
• You would ask yourself, “Why is my colleague asking for MY banking information?”
• You would make a phone call to understand why this highly confidential information is required.

Use this same logical process when you receive an email that is requiring you to enter your user ID and password. Remember:

• It is apprpriate to slow down when processing emails to verify that the request is legitimate.
• Be skeptical. 

When you read an email from a “trusted” colleague or friend, pause and consider whether or not a trusted colleague or friend would ask you to enter your WVU Medicine user ID and password to open a document or follow a link? The answer is no and most likely the email was sent from a criminal scammer.

Report all suspicious emails to the WVU Medicine IT Help Desk (304-598-4357).