The UCLA Information Security Office is aware of a phishing campaign attempting to coerce recipients into clicking an attachment and deceive users into providing their Duo authentication credentials. This is not a legitimate e-mail and recipients should not provide any information to the sender.
These phishing e-mails may include messages such as:
"Gene Block has invited you to view the following file that needs urgent attention"
Sample attachments such as:
"2023 FACULTY EVALUATION"
Recent Phish Bowl News Articles
UCLA Information Security Office is aware of UCLA students being targeted by fake job/internship scams. Be mindful of phishing emails that may be disguised as a job opportunity.
Review the following security advisories related to recent job scams at UCLA and stay secure.
Example Emails:
------------------------
The UCLA Information Security Office would like to raise awareness and urge caution related to two external websites impersonating the legitimate UCLA Single Sign On (SSO) Authentication page to carry out credential harvesting attacks. The tactic relies on deceiving individuals to visit the page, often via a phishing email, and then inputting their credentials into the username/password field under the presumption that it is the legitimate UCLA SSO page. We are in the process of collaborating with our partners to shut down these hosts.
The UCLA Information Security Office is aware of UCLA staff being targeted by messages from cyber criminals attempting to commit payroll fraud. Be wary of cyber criminals who may try to trick you by sending phishing emails or posing as HR and Payroll staff, asking you to change your bank account information.
Fraudulent emails usually ask for a change in banking information and may seem to come from the employee's genuine sender name and email signature. The scammers have enough knowledge about the authentic employee to impersonate them effectively on phone calls.
The UCLA Information Security Office is aware of UCLA staff being targeted by messages from Google Docs with the subject "Document shared with you: "HR BENEFITS.docx" requesting an urgent review of a faculty evaluation Google Doc. The email usually indicates this request is coming from a leader within the organization, but the sender address is often non-affiliated with UCLA. This is not a legitimate message from the organization, and the Google Doc should not be opened or responded to.
We would like to inform you about a new phishing campaign that targets Microsoft 365 users requesting them to change their password due to account expiration.
The UCLA Information Security Office is aware of UCLA staff/students are being targeted by messages from spoofed email addresses: account-security-noreply[@]ucla.edu making urgent calls to confirm their email accounts.
Spoofed emails are a common form of phishing attack that is designed to trick you into divulging personal information. Spoofed emails often contain links that lead to phishing websites or malware sites. Always hover over any links in the email to ensure that the URL matches the sender's website or a legitimate website.
The UCLA Information Security Office is aware of a phishing campaign attempting to coerce recipients into making donations to an unaffiliated individual. The "From" (uclagives[at]ucla.edu) address in this campaign is using an impersonated UCLA email in a deceptive attempt to gain legitimacy. This is not a legitimate donation campaign and recipients should not provide any information or donation.
The UCLA Information Security Office is aware of a phishing campaign attempting to exploit the earthquake tragedy in Turkey to coerce recipients into making donations to an unaffiliated individual. The "From" (uclagives[at]ucla.edu) address in this campaign is using an impersonated UCLA email in a deception attempt to gain legitimacy. This is not a legitimate donation campaign, and recipients should not provide any information or donation.
Fraudulent Employee Direct Deposit Information Urgent Update Requests
Impersonation of a leader within the UCLA organization requesting they review a fake Google Doc evaluation.
Recently UCLA has seen a significant increase in the volume of “impersonation” email campaigns affecting the campus community. These email campaigns rely on social engineering tactics and generally involve the creation of a Gmail account with a very similar email address to a senior UCLA executive in a deception attempt to coerce the recipient into a response.
Scam emails claim that an explicit video featuring the recipient will be leaked unless a ransom is paid.
Department of Psychology needs the services of students to work remotely as research assistants and gets paid weekly.
We urgently require the services of students to fill the position of
Research assistants on a part time basis and get paid $350 weekly.
The position can be served remotely and materials needed to work with
will be provided by the department .
Review following security advisories related to recent job scams at UCLA and stay secure.
Avoid mobile deposit scams.
Spear phishing attempt is a carefully crafted personalized email that is usually sent with an attachment or requests a response. The fraudster then tries to entice the recipient to open the infected attachment or respond with personal information.
We have reports from faculty and staff who have been recipients of a new twist on an old e-mail scam. These phishing scams often come from a non-UCLA email address with poor spelling/grammar.
You should never click a link or call back the number from an unexpected delivery notice.
