Information and Technology Services has issued a Safe Computing Bulletin warning faculty, staff and students about a sponsored link scam targeting Wolverine Access. These scams are designed to steal your login credentials and then redirect your paycheck.

How it works

When searching for “Wolverine Access” in a search engine such as Google, some users may click on the top sponsored search result. This link deceptively leads to a fraudulent U-M Weblogin page. 

Once users have input their credentials on this fraudulent page, the threat actor captures the information and uses it to initiate a Duo authentication push and log in to the actual Wolverine Access site. 

There, they can redirect the individual’s payroll direct deposit to the threat actor’s bank account. You can find more information about these types of scams on the Safe Computing website.

ITS offers these tips to help protect yourself:

• Verify authenticity: Always check that the URL starts with weblogin.umich.edu/ when you are signing into your UMICH account.
• Beware of sponsored links: Be cautious when clicking sponsored links, as they may lead to fraudulent websites. A sponsored link is a paid advertisement that often appears at the top of a search results page or other website. They are usually marked as “Sponsored,” but they are designed to look like normal search results and can be misleading.
• Monitor notifications: Pay attention to any unexpected email notifications of direct deposit changes. If you have questions about the types of emails you should be receiving regarding direct deposit, you can refer to the Wolverine Access Direct Deposit Help page.

University community members should remain vigilant and report any phishing attempts to ReportPhish@umich.edu.