Helpful Links

Navigate OHIO

Connect With Us

Tech Help Desk
Alden Library 4th floor
30 Park Place
Athens, OH 45701
help.ohio.edu

Employment-Related Scams and Phishing

There are several types of common employment-related scams that you should be aware of as a University employee. To increase your awareness of potential scams, how you may encounter them, and actions to take should you encounter them, please see the guidance below. 

What to Do If You Think Your Information Has Been Compromised

  • Make sure to report an information security incident to the Information Security Office (security@ohio.edu) as soon as possible. 
  • Visit identitytheft.gov to learn about immediate actions to take to protect your identity.
  • Learn how to freeze your credit and monitor your credit from the Federal Trade Commission.
  • If you believe you are a victim of identity theft and are a benefits eligible employee, you have access to the employee assistance program. The employee assistance program features, but is not limited to the following: 

    • Member Portal: Access Your Benefits

      24/7/365 through your member portal with online requests and chat options. Explore thousands of self-help tools and resources including articles, assessments, podcasts, and resource locators.

    • Financial Consultation 

      Build financial wellness related to budgeting, buying a home, paying off debt, basic tax questions, preventing identity theft, and saving for retirement or tuition.

  • If your University device is lost or stolen, report the theft or loss as soon as possible. 

Tips to Protect Your Information

Types of Scams

Unemployment Insurance Fraud

How To Identify This Scam

You may receive or see:

  • Communications about unemployment insurance forms when you have not applied for unemployment benefits
  • Unauthorized transactions on your bank or credit card statements related to unemployment benefits
  • Unexplained fees involved in filing or qualifying for unemployment insurance

What to Do

Report the fraudulent activity to the Information Security Office at security@ohio.edu and University Human Resources at UHR@ohio.edu as soon as possible. Then go to the State of Ohio Department of Job & Family Services to file a report and see the “What to Do If You Think Your Information Has Been Compromised” section as outlined above.

Direct Deposit Fraud

How To Identify This Scam

Most commonly, you receive an email with a link to a fraudulent form that prompts you to provide your username and password and approve a multi-factor authentication (MFA) notification. However, scammers can try to get your credentials in many ways, such as with password stealer malware or other phishing tactics (see the “General Phishing, Email, and Web-Based Scams” section below).

When scammers steal your OHIO credentials, they can use this information to go into My Personal Information (MPI) direct deposit set-up and change it to an account to which they have access. If this change is not discovered before a payroll close date, the funds are sent to their account, not yours. 

What to Do

If you receive a suspicious email, do not share your password or approve MFA pushes, or phone calls.

Check your direct deposit setup in MPI under “Payments – Manage Direct Deposit”. If it has been changed, correct the information and change your password. Then, report the incident to Information Security at security@ohio.edu and University Human Resources at UHR@ohio.edu as soon as possible. UHR will work with Payroll to investigate and work with you to take the appropriate action. Also, see the “What to Do If You Think Your Information Has Been Compromised” section above if needed.

General Phishing, Email, and Web-Based Scams

How to Identify This Scam

Phishing and other scams can show up through unexpected emails, text/SMS messages, or scary-looking pop-ups. These scams may seem to come from colleagues at the University or other higher education institutions, or they may be fraudulent web pages that look like MPI or other University login pages. One sign you may have fallen for a scam is getting an unexpected MFA push or phone call.

What to Do

  • Do not provide your account credentials via unusual or suspicious login methods, such as over text message or in a Google form.
  • Do not approve any unexpected MFA pushes or phone calls.
  • When you receive a suspicious message, check the Phishbowl to see if the message appears and has been confirmed as phishing or as a legitimate message.
  • Forward any suspicious messages to the Information Security Office at security@ohio.edu as soon as possible. You can also send screenshots of pop-ups or text messages.
  • If you may have shared your login credentials or accepted an unexpected MFA push or phone call, change your password immediately. Then, report the incident to the Information Security Office at security@ohio.edu as soon as possible.

For more information on navigating these issues, visit the Information Security Office’s Identifying Malicious Email page.

Income Tax Fraud

How This Scam Shows Up

Income taxes are filed under your name without your knowledge. If this happens to you, the IRS will notify you that your tax return has been rejected. 

What to Do

See the “What to Do If You Think Your Information Has Been Compromised” section above.

For more information on common scams during tax time, check out the Taxpayer Advocate Service’s How to Keep Your Personal and Tax Information Safe post.

Retirement and Financial Consultations

How To Identify This Scam

Companies claiming or implying that they are University partners may reach out via phone call, social media, or email to offer financial advisory services. 

What to Do

You can check the Retirement Providers webpage if you receive a benefits-related message and aren’t sure if it came from a university vendor.

If the vendor is not a university vendor, you can ignore the message. Or, if you’re interested in the services, make sure to research the company. Learn more about retirement fraud from the U.S. Securities and Exchange Commission.