Workday goes live at the Universities of Wisconsin on July 7. Along with new tools and processes comes a reminder about added vigilance to avoid phishing attacks.
Our launch dates are widely available online, providing potentially useful information to phishers who may try to attack our users and universities. We expect to be targeted by phishing attacks as we implement this new system, and we are counting on you to help keep UW secure by detecting and reporting phishing attempts.
Following the best practices below will enhance Workday cybersecurity:
Protect your credentials
Your login credentials are a prime target for cybercriminals. Remember that your login is yours alone—never share it, even with coworkers or IT staff. Legitimate support staff will never ask for your password. Never enter your credentials into links from unsolicited emails or messages.
Watch for an uptick in phishing attempts
Criminals often disguise these as breaking news, financial alerts, or security warnings. Before you click, ask yourself “does this seem legitimate?” and always be intentional before taking any action.
Check the sender’s address
Check for subtle variations from legitimate UW email domains and addresses. Emails sent to you directly from the Workday system will be from: wisconsin@myworkday.com.
- All other UW emails related to Workday and our support teams will end in wisconsin.edu (UW Administration) or wisc.edu (UW–Madison).
- These addresses will also include a preceding reference to the support function such as @uwss.wisconsin.edu, @support.wisconsin.edu, @vc.wisc.edu.
- To the left of the @ you will see serviceoperations, servicedesk, enterprisedesk, or ramp.
Be aware of phishing & “smishing” attacks
Learn to recognize suspicious emails and text messages (phishing and smishing) that may trick you into revealing sensitive information.
Use official sources
Access Workday by going directly to the Workday icon on your My Apps (Okta) homepage or my.wisc.edu portal for UW–Madison.
Report suspicious communications
- If you receive a suspicious email or text message that is related to Workday, report it to your organization’s IT or security team immediately. Do not reply or click on links.
- Learn more about phishing red flags and Workday security at the Universities of Wisconsin.
By following these best practices, each of us can significantly contribute to the overall security posture of Workday and help protect sensitive data within the system. Remember that security is a shared responsibility, and vigilance is key in combating cyber threats.
Thank you for all you do to help keep UW secure.