The UCLA Information Security Office is aware of UCLA staff being targeted by messages from cyber criminals attempting to commit payroll fraud. Be wary of cyber criminals who may try to trick you by sending phishing emails or posing as HR and Payroll staff, asking you to change your bank account information.
Fraudulent emails usually ask for a change in banking information and may seem to come from the employee's genuine sender name and email signature. The scammers have enough knowledge about the authentic employee to impersonate them effectively on phone calls.
Please note, all Payroll changes must be completed via UCPath and are not communicated through email. Be sure the email address is that of your employee and not spoofed. Be cautious of requests for bank account changes that originate via email, especially if the email has an urgent or vague subject line.
Common email subject lines for this scam include:
“Payroll”
“Urgent Payroll Request.”
“Urgent Request!!”
“Changing of my Direct Deposit”
“change in Direct Deposit”
"Update My Info"
"Update in DD Details"
If you receive a suspicious email, do not click on any links or open any attachments within the message. Please do not reply to the email and immediately contact security[@]ucla.edu and report it to your IT team.
Sample phishing emails:
------------------------------------------------
https://ociso.ucla.edu/news/changing-my-direct-deposit-2023
