Preventing phishing attacks that may involve Workday

July 10, 2024

Recently, a phishing attack targeting WSU employees allowed scammers to obtain employees’ WSU network credentials, then use OKTA to illegally access Workday and update employees’ payment election information. This resulted in the issue of those employees’ paychecks to the criminal’s bank accounts. Learn more about the recent attack in this communication from ITS.

This recent attack did not target Workday directly, however, it remains critical to be vigilant for potential scam email campaigns that may target Workday users at WSU. This post reviews ways detect fraudulent emails that may appear to be from WSU or Modernization, and what to expect from genuine Workday-related communications.

Modernization issues a variety of Workday-related communications to WSU employees on a regular basis. These communications include:

Workday-generated “Your Daily Digest” emails.
The Workday Digest, a monthly newsletter issued to subscribing employees.
Known Issues communications, which are distributed to all WSU employees subscribed to the Workday Digest.
Targeted messages, which may include requests for employee action in the Workday system.

Modernization uses a variety of channels to distribute these messages, including targeted email, Workday Announcements within the Workday system, and listservs operated by other groups. Legitimate Workday updates of high importance are generally distributed via more than one channel.

Scam emails potentially involving Workday may impersonate email communications sent by WSU and Modernization. There are ways to help determine if an email may be fraudulent, including verifying the sender’s domain, and any included links. Employees are encouraged to review ITS’s tips and instructions for detecting and reporting spam, phishing, and malware. Additionally, employees should ensure they have completed their annual Cyber Security Awareness training, available in Percipio.

Modernization will provide notice of any known phishing attempts that may involve Workday via Workday Announcements on the Workday home page, and on the Modernization website home page.

Additionally, Modernization is always available to verify any Workday-related email individuals may receive, especially those containing requests for employee action. Employees can reach out via the Workday Service Desk with questions or concerns regarding Workday communications. They are also encouraged to forward any emails they suspect to be fraudulent to ITS at abuse@wsu.edu.

Questions or concerns? Reach out at the Workday Service Desk.