During emergency situations, cybercriminals exploit heightened emotions and urgency to trick individuals into revealing sensitive information or taking harmful actions. Staying aware of their tactics and practicing caution is essential to protect yourself and the UCLA community.
What to Watch For
- Impersonation of Trusted Individuals or Organizations
- Threat actors may pretend to be university officials, government agencies, emergency responders, or even coworkers.
- They may contact you via email, phone, or text, using urgency or fear to pressure you into immediate action.
- Phishing Emails and Messages
- Fake emails or messages claiming to offer emergency updates, aid, or instructions.
- Common tricks include links to fraudulent websites or attachments containing malware.
- Requests for Sensitive Information
- Scammers may ask for login credentials, financial details, or personal data, claiming it is needed for urgent purposes (e.g., disaster relief, account verification).
- Fake Fundraising or Charity Scams
- Fraudulent calls or emails asking for donations to assist with the emergency but directing funds to fraudsters instead. These scams often include links to fake websites or use mobile payment platforms.
- Urgent or Scary Scenarios
- Messages that create panic, like "Your account has been hacked" or "You’ll lose access if you don’t act immediately," to prompt hasty decisions without verification.
How to Protect Yourself
- Verify Before You Act
- Confirm the sender or caller’s identity by independently contacting the person or organization using verified contact information (e.g., official UCLA websites).
- Avoid relying on contact information provided in suspicious messages.
- Be Wary of Unsolicited Requests
- Never share sensitive information (e.g., passwords, Social Security numbers, or financial details) with anyone who contacts you unexpectedly.
- Legitimate organizations will not pressure you into providing personal information quickly.
- Inspect Emails and Messages Closely
- Look for signs of phishing, such as spelling errors, generic greetings (e.g., “Dear User”), or unusual email addresses.
- Hover over links to check if they lead to legitimate websites before clicking.
- Avoid Downloading Attachments from Unknown Sources
- Only open files from trusted senders. Malicious attachments may contain viruses or ransomware.
- Be Skeptical of Requests for Money
- If asked to donate, research the organization independently before giving. Avoid clicking donation links in unsolicited emails or texts.
- Enable Two-Factor Authentication (2FA)
- Add an extra layer of protection to your accounts. Even if your password is stolen, 2FA helps keep your account secure.
- Stay Informed Through Official Channels
- Get emergency updates directly from the university’s official website, mobile app, or trusted email addresses.
- Avoid relying on third-party sources unless verified as legitimate.
- Fake Mobile Apps
- Be cautions of downloading emergency-related apps from unofficial app stores, as they may contain malware.
- QR Code Scams
- Avoid scanning QR codes shared via unsolicited emails, texts or on unverified posters, as they may lead to phishing websites.
- Impersonation in Collaboration Platforms:
- Threat actors may impersonate colleagues on platforms like Zoom or Slack to distribute malicious links or files.
If You Suspect an Attack
- Do not respond or provide information.
- Report it immediately to security@ucla.edu.
- If you clicked a suspicious link or shared sensitive information, change your passwords and notify us right away.
- Contact the Federal Trade Commission (FTC) at ReportFraud.ftc.gov if you suspect fraud or the National Disaster Fraud Hotline at 866-720-5721.
Resources
- Visit oag.ca.gov for the latest tips.
- For more information on how to protect yourself and your donations, check out the California Department of Justice’s (DOJ) donation tips webpage at oag.ca.gov/donations.
Emergencies bring out the best in many, but unfortunately, they also attract scammers. By staying vigilant and following these guidelines, you can help protect yourself and our UCLA community from harm.
