The FBI and U.S. Department of Homeland Security are warning that colleges and universities are a new, ripe target for cyber criminals using fake “.edu” email addresses, an unfortunate fact some CU employees recently experienced firsthand.
CU employees are not alone as victims of cyber fraud. In recent months, Duke University, Emory University, Boston University, the University of Michigan and UC Berkeley all have disclosed criminal fraud on their campuses.
The scam used deceptive emails to trick employees into revealing their portal passwords, which thieves used to alter employee direct deposit settings. As a result, at least 10 employees’ — both faculty and staff — paychecks were stolen. However, university security was not flawed; employees disclosing passwords enabled these crimes.
CU wants to make sure this never happens to another employee. University leadership asks you to take one simple step to protect your personal information and pay: view your pay advice in the CU Resources area of the portal from Jan. 24-28 (my.cu.edu). This is immediately after payroll has processed, but before pay is deposited in bank accounts.
This step will allow you to verify your paycheck’s amount, deductions and account information for direct deposit. If you see that direct deposit information is incorrect and report it in time, Employee Services can stop the payment and reissue it as close to payday as possible.
Make this simple step a routine practice with each pay cycle.
The university’s payroll counselors in Employee Services can assist employees with questions or concerns. Call 303-860-4200 and select option 2 for guidance.