Cybercriminals are actively attempting to access your Mason payroll account through phishing emails. Recently, they succeeded in gaining access to several Mason employees’ direct deposit information and stole pay from the employees, working around the protections in place.

Mason will not send an email requesting your NetID, password account information, or a Duo Passcode.

When you receive an email from a sender you do not know or an email you are not expecting, especially if the sender is requesting information, you should:

• Examine the sender’s email address. An email from a Mason employee or Mason office should have a gmu.edu email address.
• Examine the link in your browser to determine if it is a Mason site. The link should be one you are familiar with or are expecting. If not, do not visit the site. When in doubt, manually enter the URL to the site you want to visit.
• Never respond to an unanticipated Duo push or provide a Duo passcode to someone on your behalf. Providing this information gives cybercriminals access to your accounts.
• Contact the ITS Support Center if you think you have received a malicious email. They can help determine if an email is legitimate.
• Change your password immediately (password.gmu.edu) if you replied to a link in a phishing email with your username and password. After you change your password, contact the ITS Support Center at 703-993-8870.

If you have questions about an email or need assistance determining if an email is phish or fraud, please contact the ITS Support Center at 703-993-8870 or support@gmu.edu.