Phish Bowl

The UCLA Information Security Office advises faculty, staff, and students to be vigilant when opening emails from unknown, suspicious, or unexpected senders. Some of these messages can contain malicious content in the form of infected file attachments or attempts to steal personal information through carefully crafted social engineering campaigns.

These emails, collectively called "phishing emails," or "phishing scams," are designed to trick campus users into providing their passwords and other identifying information to attackers.  They can also be designed to extort money or trick users into navigating to fake login pages, which can sometimes mimic the look of well-known logon screens, like the UCLA Logon page.

If you find the suspicious email you received already recorded in the phish bowl, please mark the email as spam, and you're done. If it's not noted in the phish bowl, please mark it as phishing (instructions below) and forward it to Information Security Team. It will be added so others are aware of it.

If you have responded to a suspicious email and/or clicked on a link and entered any account or personal information, please immediately contact the IT Support Center  or your local departmental IT unit  and reset your account password  to prevent scammers from using your account.

How to Report a Phishing Scam

The UCLA Information Security Office requests that campus users report phishing messages to our team so that we can proactively alert campus users and bring awareness to widespread phishing campaigns. In order for the Information Security Office to take action in response to a reported phishing message, please follow these steps:

  1. Please follow instructions on How to Report a Phishing Scam
  2. Send the resulting message and attachment to with a subject line identifying the message as a phishing report.

It is important to be aware of fraudulent phishing schemes. Check back here as we update the list below with known phishing attempts.

Date Title Description
03/23/2023 Office 365 - Authentication Notification We would like to inform you about a new phishing campaign that targets Microsoft 365 users requesting them to change their password due to account expiration. 
03/15/2023 Please confirm your email account with

The UCLA Information Security Office is aware of UCLA staff/students are being targeted by messages from spoofed email addresses: account-security-noreply[@] making urgent calls to confirm their email accounts.

03/11/2023 UCLA Gives - Making donations to an unaffiliated individual

The UCLA Information Security Office is aware of a phishing campaign attempting to coerce recipients into making donations to an unaffiliated individual. The "From" (uclagives[at] address in this campaign is using an impersonated UCLA email in a deceptive attempt to gain legitimacy.

02/15/2023 UCLA Stand with Türkiye and Syria

The UCLA Information Security Office is aware of a phishing campaign attempting to exploit the earthquake tragedy in Turkey to coerce recipients into making donations to an unaffiliated individual. The "From" (uclagives[at] address in this campaign is using an impersonated UCLA email in a deception attempt to gain legitimacy.

01/26/2023 Changing of my Direct Deposit Fraudulent Employee Direct Deposit Information Urgent Update Requests
01/12/2023 Document shared with you: "2022-2023 Faculty Evaluation .Docx" Impersonation of a leader within the UCLA organization requesting they review a fake Google Doc evaluation.
01/08/2023 Impersonation Email Campaigns: Kindly provide your available cell number i can reach you at

Recently UCLA has seen a significant increase in the volume of “impersonation” email campaigns affecting the campus community. These email campaigns rely on social engineering tactics and generally involve the creation of a Gmail account with a very similar email address to a senior UCLA executive in a deception attempt to coerce the recipient into a response.

09/06/2022 Waiting for the payment. I have e-mailed you from your account email scam Scam emails claim that an explicit video featuring the recipient will be leaked unless a ransom is paid.
08/05/2022 JOB FOR YOU - Department of Psychology Department of Psychology needs the services of students to work remotely as research assistants and gets paid weekly.
05/11/2022 JOB POSITION! ​​​​​​​We urgently require the services  of  students  to  fill the position of Research assistants on a part time basis and get  paid $350  weekly. The position can be  served remotely and materials needed  to  work with will  be  provided  by the  department .
05/04/2022 Internship UCLA Review following security advisories related to recent job scams at UCLA and stay secure.
04/01/2022 Paycheck Avoid mobile deposit scams.
03/18/2022 Final Report for ... Spear phishing attempt is a carefully crafted personalized email that is usually sent with an attachment or requests a response. The fraudster then tries to entice the recipient to open the infected attachment or respond with personal information.
03/14/2022 ‘Are you busy?’, “Hi,” or “Urgent”. E-mail Scam We have reports from faculty and staff who have been recipients of a new twist on an old e-mail scam. These phishing scams often come from a non-UCLA email address with poor spelling/grammar.
03/07/2022 Avoid Package Delivery Scams You should never click a link or call back the number from an unexpected delivery notice.