Fake websites targeting SecureAccess Washington (SAW) users
Updated 3:30 p.m., Nov. 20, 2023
Customers who used a search engine to access SecureAccess Washington (SAW) may have fallen victim to a phishing scam. The scam uses sponsored ads that link to different spoofed, or fake, SAW websites that can compromise their personal information.
ESD is working with WaTech to protect customers
Customers should make sure their SAW accounts are secure.
Secure your SAW account
Access your SAW account from ESD or Paid Leave’s websites. Do not use a search engine to get to the SAW login page.
Safe links to SAW:
- Employment Security - Login (wa.gov)
- Log in – Washington State's Paid Family and Medical Leave
- Employer Account Management Services (EAMS)
If you cannot access your SAW account:
- Call ESD’s SAW help desk at 855-682-0785 between 8 a.m. and 4 p.m. Monday through Friday excluding holidays. Staff can help you reset your password.
If you can log into your SAW account:
- Change your email account password. Be sure each password you use is different and strong.
- Make sure all devices, email addresses and phone numbers used in multi-factor authentication, sometimes called two-step verification, are yours. Remove any unknown devices, email addresses or phone numbers.
- Reset your SAW password if you have not done so already.
- Check your eServices or Paid Leave account(s).
- Verify all your information, especially payment information, is still correct for eServices, Paid Leave and any other accounts you have connected to SAW.
Check other accounts connected to SAW
Check your SAW account for any other services or programs that you access through SAW. It’s also good practice to update your computer’s security software. Then run a scan and remove anything it identifies as a problem. Find more consumer advice on the Federal Trade Commission’s website.
More about multi-factor authentication
The most secure MFA method is using an authenticator application. Authenticator applications, or apps, download to your device and generate secure six-digit codes you use to sign into your account.
After authenticator apps, text/SMS messages provide the next best security. The least secure MFA is email.
Read the warning on the Washington Technology Solutions website.
For information about securing your Paid Leave account, see our alert on the Paid Leave website.