Wisconsin Department of Health Services Digital Updates

WI DHS: Potential Phishing Attempt: Spoofing Emails Asking for Credentials. Do not give your credentials or personal information. DHS encourages you to be cautious.

Wisconsin Department of Health Services sent this bulletin at 02/13/2025 07:50 AM CST

Division of Quality Assurance: Notifications & Updates

Attn: All Regulated Health Care Providers

WI DHS: Potential Phishing Attempt: Spoofing Emails Asking for Credentials. Do not give your credentials or personal information. DHS encourages you to be cautious.

The Department of Health Services (DHS) wants to make you aware of an email being sent to county employees that is coming from someone impersonating DHS. These appear to be part of a spear phishing campaign.

About the suspicious email

The email sends users to a webpage that mimics the DHS website and asks users to put their credentials into the form. Do not enter your credentials or any other personal information.

What does it look like?

This is an example of what is in the scam email. Your content may vary.

From name: admin@dhs.wisconsin.gov
From email address: autley@rootedschool.org

Subject: 2025 Wisconsin Department of Health Services Information Verification.

Body of email: The body of the email includes public-facing facility information including provider name, address, phone number, and email address. There is a NOTE stating, “This verification link below will expire after 24 hours, if we do not receive your verification/update before the link expires, we will have to revoke your license.

Please note, these emails may be coming from other addresses or contain different language.

What should I do when reviewing emails for phishing and scams?

When reviewing any email you receive, consider these security tips:

Watch out for requests that are not reasonable and call for urgent action.
Always be cautious with links and attachments in emails, especially from a sender you don’t recognize.
Hover to discover; hover over any links and look closely at the URL that’s displayed.
Check the sender’s identity. All State of Wisconsin emails come from an email address related to wisconsin.gov. For example: dhscsirt@dhs.wisconsin.gov or dhscsirt@wisconsin.gov. DHS will never send an official email from any other type of email address.
Phishing messages can come from trusted sources or senders you know. If the request feels “off,” verify through alternate means; do not reply to the email sender. Responding to a suspicious email might connect you with the bad actor.
Promptly report all suspicious messages to your security team.

If you have a question about this information, email the DHS Computer Security Incident Response Team (CSIRT) at dhscsirt@dhs.wisconsin.gov.

Please do not reply directly to this email message. If you have a question about this information, email the Division of Quality Assurance.

CONNECT WITH DHS

Update your subscriptions, modify your password or email address, or stop subscriptions at any time on your Subscriber Preferences Page. You will need to use your email address to log in. If you have questions or problems with the subscription service, please visit subscriberhelp.govdelivery.com.