Bad actors are spoofing SecureAccess Washington (SAW)

Washingtonians who use the SecureAccess Washington (SAW) portal to access state services should be on the lookout for spoofed internet ads that pretend to be government links to SAW.

WaTech's state Office of Cybersecurity (OCS) has observed fake sponsored ads on search engines with links such as SecureAccess – Washington and as SecureAccess Washington – login.

If users click on the ad, it takes them to a page what looks like a legitimate government website asking for their username and password. If those credentials are provided, bad actors can then potentially use that information to access user accounts at state agencies.

One indication that the links are malicious websites is they do not have a .gov address but instead have URLs such as “wasecuracces.com” or “washingtonst.net.”

To avoid becoming a victim, be skeptical of all links on the internet even if they look official. When going to a government agency website, make sure it has a .gov address. The only correct SAW address is https://secureaccess.wa.gov.

To report an issue with SAW, use the "Get Help" option on SAW's website.