DRS Email 21-010, Phishing Attempt

Notice No: 21-010
Date: May 27, 2021
Applies to: All Employers
Subject: DRS Email 21-010, Phishing Attempt

DRS would like to share the following information regarding a phishing attempt using text messages to target SecureAccess Washington (SAW) users in an attempt to gain credentials and personal data. SAW is the application used to log in to the Employer Reporting Application (ERA).

This is an example of the phishing text:

If the user selects the provided bit.ly link, it takes them to a page asking for their username and password. The site accepts any information entered. It then asks the user for their Social Security number, driver’s license number and mother’s maiden name and then redirects them to the state Employment Security Department website.

SecureAccess Washington has posted a warning at the top of its webpage (https://secureaccess.wa.gov/myAccess/saw/select.do) stating: “SAW will never send bit.ly links via SMS or email.”

Please be aware that SAW will not send unsolicited emails or texts requesting verification of its accounts. SAW only sends emails and texts at the request of users.

If you or any of your team members followed the link and entered the requested information, please contact the Secure Access Washington support team as soon as possible at Secure Access Washington Help to reset your SAW account password.

If you have any questions regarding this DRS Notice, please contact Employer Support Services at 360-664-7200, option 2, or 800-547-6657, option 6, option 2, or email us.