The UCLA Information Security Office would like to raise awareness and urge caution related to an external website impersonating the legitimate UCLA Single Sign On (SSO) Authentication page to carry out credential harvesting attacks. The tactic relies on deceiving individuals to visit the page, often via a phishing email, and then inputting their credentials into the username/password field under the presumption that it is the legitimate UCLA SSO page. We are in the process of collaborating with our partners to shut down the host.
