Wayne State College
Act Now

Phishing attempt "Payroll Message" - 4/20/18

Published Friday, April 20th, 2018

Phishing message about a payroll message from Wayne State College.

Greetings all,

We have another phish in the wild.  It is a message about a payroll message from Wayne State College.  The e-mail arrived roughly at 6:00 PM. 

This is not a legitimate e-mail.  We have secured the account and will be removing the e-mail from the system.

If you have clicked on the link and/or provided your login credentials, please change your password immediately. 

Instructions are below - if you need any assistance, please call the helpdesk (402-375-7107) and we’ll be happy to assist.

When you have an e-mail that asks you to take action use the following steps to determine the validity:

STOP – Don’t simply click through on an e-mail and provide your credentials.

THINK – Ask yourself some questions about the e-mail.  Be inquisitive.

CONNECT – If you’ve taken time to examine the e-mail and you are convinced it’s legit, go ahead and act.

Thanks for your diligence!

Network and Technology Services
Wayne State College

  1. Go to https://ecampus.wsc.edu
  2. Click on the “Password Help” link near the login button in the top right corner.
  3. Verify that you are not a robot.
  4. Enter your username and click the “Search” button.
  5. Choose which method you would prefer to receive your security code.
    1. EMAIL - Send code to your registered email address. This is the "Personal" address in WildcatsOnline for students and "Email Address" in Firefly portal for staff and faculty.
    2. SMS (Text Message) - Send code to your mobile phone using text messaging (SMS). This is the "Cell" number in WildcatsOnline for students and "Telephone No:" in Firefly portal for staff and faculty.
  6. Enter the security code and click “Check Code”.
  7. Enter a new password and confirm the new password.
  8. Network and Technology Services suggests that you never use the previous password for any WSC or non-WSC services (personal email, banking, social media, etc) in the future. The attackers will have your previous credentials stored in a database and will continue to attempt to login using those credentials.