Colleges and universities are being specifically targeted.
The scammers send potential victims an email that will likely appear to come from a college office or other trusted source with a link or a PDF asking you to log in to the HR system to confirm information. They use this information to log in to your HR system (e.g. ephr.williams.edu) account and redirect your paycheck deposits to another bank account.
In order to protect yourself from such scams, please do the following:
- Do not follow links in, or download attachments from, suspicious emails. Forward any suspicious emails to email@example.com so OIT staff can check them out – the sooner we know about scams the sooner we can react
- Remember “From” addresses can be spoofed
- Never give your log-in credentials or personally identifying information in response to any email.
- If asked via email to log in to the College’s Financials, HR, or Student Records system for any purpose, use a bookmark or the links off the Controller’s, Human Resources, or Registrar’s website to ensure you reach the correct site
- Remember Williams College sites will always have the domain “williams.edu” just before the first single slash like so: https://something.williams.edu/something
- Keep your email and Financials/HR/Student Records system passwords unique and different
- If your direct deposit information is changed, you will be notified via email. If you did not make this change, contact HR immediately.