Beginning today, Information Technology Services is implementing enhanced security measures in response to a rising number of phishing attempts targeted at the Crimson Service Desk.
Anyone contacting Crimson Service Desk to request password or multi-factor authentication resets will now need to join a Zoom Room session to verify their identification. During the Zoom call, individuals will need to show their WSU Cougar Card, a state or government-issued ID, such as a driver’s license or passport, or a high school ID.
“I understand this is a change that may temporarily slow down your ability to access business resources, teaching, and learning,” Tony Opheim, vice president for Information Technology Services, wrote in an email to the university community. “Unfortunately, this process change is necessary to ensure the security of your personal information.”
The change stems from an increase in attempts to gain unauthorized access to individual network ID accounts by malicious parties calling Crimson Service Desk.
In his email, Opheim provided cybersecurity tips to the WSU community:
- Do not approve unknown Multi-Factor Authentication (MFA) requests: This ensures that even if someone obtains a password, they cannot access an account without the second factor authentication step.
- Be wary of phishing attempts: Be cautious of unsolicited emails or messages asking for credentials. Always verify the source before clicking on any links or providing personal information. As a reminder, no WSU person, IT staff or otherwise, is authorized to ask for passwords or multi factor passcodes.
- Secure devices: Keep operating systems and applications updated to protect against vulnerabilities. Use antivirus software and be cautious when connecting to public Wi-Fi networks.
- Get assistance immediately: If unauthorized access to an account is suspected, immediately notify abuse@wsu.edu.
Questions about cybersecurity practices can be directed to the Crimson Service Desk by calling 509-335-4357 or emailing crimsonservicedesk@wsu.edu.