Updated (2/4/16): Important Memo Regarding Phishing Scam
Update as of February 4, 2016: The HR Advice and Pay Advice are now also available to those accessing the site from outside State of Vermont networks.
Update as of January 25, 2016: VTHR is now available to external users, including job seekers, and employees working from home, or offsite locations. Until further notice, the pages available to those accessing the site from outside State of Vermont networks will be limited to; timesheets for time entry, career pages for job search for employees. Employees with supervisory access, will also have time approval pages available.
TO: All State Employees
FROM: Maribeth Spellman, DHR Commissioner
Richard Boes, DII Commissioner
DATE: January 22, 2016
RE: W-2 Phishing Email Scam
Please read the following very important information.
At approximately 10:50 am on January 21, 2016, an external entity sent an email to a group of State of Vermont employees notifying that electronic W-2s were available and to click a link to log in to view and print them. The link went to a replicated site that looks very much like the VTHR login page. Throughout the day similar email communications were received by different groups of State of Vermont employees. This is called a phishing scam where the “bad guys” try to get you to disclose your login ID and password so they can log into VTHR as you, and potentially steal your information.
We are aware that a number of State employees may have entered their login ID and password into what they believed was the VTHR site in response to this email. Types of information that may have been compromised as a result of this phishing scam, other than login and password information, include: social security numbers, tax information (i.e. W-2 forms), bank account information related to direct deposit, personal contact information, and benefit information (i.e., the type of health insurance plan you have). The State is working with law enforcement to further address this incident.
In order to ensure that State employee personal information is not compromised or further compromised, all users will be prompted to reset their passwords at their next login and the VTHR system will not be available from non-State computers while we put the additional security measures in place. All VTHR functions from within State offices and State networks are available as usual. If you do not have access to a State office network, contact your timekeeper delegate or supervisor to ensure that your time is entered appropriately.
If you clicked the link but did NOT enter your login ID and password, we do not believe your personal information has been compromised at this time. Nevertheless, as a precautionary measure, you will be required to reset your password at your next VTHR login and we recommend you change other work-related account passwords.
Important: If you DID click the link and entered your login ID and password into this fake site please do the following as soon as possible:
1) Contact the VTHR helpdesk, at (802) 828-6700 or (855) 828-6700, if you have not done so already. The helpdesk staff will walk you through changing your work-related passwords, and we can check records to see if there is a risk that your information may have been compromised.
2) Contact Vermont Department of Taxes at (802) 828-2865.
3) Contact the IRS:
- Complete and submit Form 14039, IRS Identity Theft Affidavit to the IRS.
- AND submit a copy of the IRS Identity Theft Affidavit to the Vermont Department of Taxes:
- Drop it off at 133 State Street, Montpelier, 2nd Floor Window
- Or mail to: 133 State Street, Montpelier, VT 05452
4) Monitor your bank statements and other financial account information for any suspicious activity. You may also wish to obtain a free copy of your credit report by contacting one of the three credit reporting agencies below:
P.O. Box 740241
Atlanta, GA 30374-0241
P.O. Box 2104
Allen, TX 75013
P.O. Box 2000
Chester, PA 19022