Watch out for email scams - don't get phished!

Phishing is the common name for email scams that try to trick you into giving up your account information.  The scam emails usually try to scare you by saying your account will be deleted, canceled, terminated, or you will lose data if you don't log in to the website.  The scam websites usually look similar to a legitimate website and asks you to login with your Wellesley account.

Information scammers can get if you fall for a scam

If you enter your account information on a scam website, the scammer will gain full access to everything your Wellesley domain account can access:
  • Your Workday account, which includes salary info, pay stubs, tax information, and health information.
  • Your Google Apps account, which they can download your email, contacts, and files in Drive and scan them for personal information.
  • Accounts that use your Wellesley email address, such as Amazon, online banking, and online credit cards.
  • If you used the same email address and password on other sites, those sites are now compromised too. 

How to spot a phishing scam and protect yourself

Phishing scams start with an email that looks official, but when you really look at it, you can usually spot a few common errors in them

  • The email signature doesn't include the name and contact information of a staff member from Library & Technology Services (LTS).
    • All emails from LTS will address you by name and have the name and contact information of someone in the department.
  • The email is a scary warning about your account unless you login, such as it will be deleted, cancelled, or terminated.
    • Your account will only be disabled if your status at the College changes. 
  • The link in the email goes to a website that isn't on or, and the website doesn't have a secure lock icon.
    • Correct, secure websites will have one of these in the address bar:
      Wellesley computer Wellesley mobile Google computer Google mobile

Protect your accounts and information

Here are some tips to help keep your information secure.

  • NEW: Sign up for Duo two-factor authentication to protect your Wellesley Google Apps and Workday accounts.
    • This is a new feature that protects your account by requiring phone authentication when logging in.
  • Don't reply directly to emails that ask you for your account information.
    • If you're concerned, open a browser and go to the correct website manually.
  • Be cautious about opening attachments or downloading files from emails you receive.
    • If you weren't expecting an attachment or download, ask the person sending it to confirm it's ok.
  • Use anti-virus and anti-spyware software and keep them updated.
  • Keep your web browser up to date.
    • Chrome and Firefox are usually quick to flag suspicious websites.
    • Go to Help > About in your browser to check for updates.
  • Monitor your credit card and bank accounts regularly.
    • Visit the FTC website to get your free credit report.
    • Some credit cards also provide credit check services.
  • Use a different password for every website.
    • Hackers will break into a weak website and try the account info on more secure sites, such as banks.
    • When one website gets hacked, you won't have to worry about all the other websites you used that password on.
    • Use a password manager, such as LastPass, 1Password, or KeePass.
  • Visit the following websites for additional security tips:

Report phishing scams

If you think you have received an email phishing scam, here are some things you can do:

Quickly report it to the Help Desk:

  1. Forward the email to
  2. DO NOT click on any of the links or reply to the email until you get a response from the Help Desk.
  3. The Help Desk will respond during their normal hours.

Report additional details of the email to the Help Desk:

  1. When viewing the phishing scam email, next to the reply button on the left, there is a small button with a triangle on it.  Click on that and select Show Original.
  2. You should now get a new tab with additional information about the email.  Click the Download Original link, which will download an original_msg.txt file.
  3. Attach the file to an email and send it to

Report the phishing scam email to Google.

  1. When viewing the phishing email, and click on the down triangle and click Report Phishing.  
  2. You will then be asked if this really is a phishing scam. Click Yes.  
  3. This will report the phishing email to Google and put the email into your Spam folder.

Recent phishing scams

February 2018 - Money Scam

Similar to the April and May money scam below, this scammer is trying to steal money from you.  This scammer uses the following info:

  • Name: Christopher Babbit
  • Email addresses:,,, and
  • Subject: " **********Employment**********Employment*******"
  • Content: No email body, but a Job Details.txt file attachment.  The attachment he says he works for the department of "Disability Resources and Educational Services (DRES)" and asks you to send your name, address, a non-Wellesley email address, and mobile phone number.

There is no such department on campus, and there isn't an employee named Christopher Babbit.  He asks for the non-Wellesley address and mobile phone number so he can get around the protections we have setup to block these kinds of scams.

If you have given your information to him, contact the Help Desk immediately.  Review your security questions on any online financial websites you have, and enable two-factor authentication on them if you haven't already.  To enable two-factor authentication on your Wellesley Google Apps and Workday accounts, enroll in Duo today.

April  & May 2017 - Money Scam

This scam copied an email that a student organization sent out, but added a "reply-to" setting to the emails so that replies would go to the scammer.  The scammer would then offer checks to the recipient for up-front payment, and ask them to send checks for various amounts to other accounts for equipment or other things.  This is how the scam usually works:

  • The scammer sends a fake check to the recipient.
  • The recipient deposits the check in their account.
  • The recipient's bank releases the funds in 3-5 days.
  • The scammer asks the recpieint to send checks to other accounts for almost the same amount.
  • The recipient sends the checks, and the scammer moves the money from those accounts.
  • The recipient's bank figures out the check was a fake about 7-10 days from the initial deposit and takes the money out of the recipient's account.
  • The recipeint can't get the money back from the scammer, the fake accounts, or their bank, so the recipient is out the money they sent the scammer.
Money scam emails
First scam email
Second scam email
Scam email shown with reply-to field

January 2017

This scam copied our login page, even using our Wellesley College images!  What set the scam website apart was that it was not located at and wasn't a secure website.  Always look for those things when viewing website, both on computers and mobile phones. See the images below where we've circled the differences.

Desktop website
Fake scammer website Official College website


Mobile website
Fake scammer website Official College website

Fall 2016

This scam used an email that said your email quota was going to change.  Gmail is unlimited and doesn't have a quota.  If you clicked on the link you'd see that the website is not a secure site (no lock icon next to the website address), does not go to a or website, has poor grammar, and the Cancel button is spelled wrong.

Phishing Scam Email Phishing Scam Website



Campus-wide test phishing scam, February 2017

On February 22nd, 2017, Library & Technology Services sent a test phishing scam to the community, which we announced would be happening in our Fall 2016 news update.  Screenshots of the email and website used in this test are shown below. 
Test phishing email Test phishing website