Phish Bowl

The UCLA Information Security Office advises faculty, staff, and students to be vigilant when opening emails from unknown, suspicious, or unexpected senders. Some of these messages can contain malicious content in the form of infected file attachments or attempts to steal personal information through carefully crafted social engineering campaigns.

These emails, collectively called "phishing emails," or "phishing scams," are designed to trick campus users into providing their passwords and other identifying information to attackers.  They can also be designed to extort money or trick users into navigating to fake login pages, which can sometimes mimic the look of well-known logon screens, like the UCLA Logon page.

If you find the suspicious email you received already recorded in the phish bowl, please mark the email as spam, and you're done. If it's not noted in the phish bowl, please mark it as phishing (instructions below) and forward it to Information Security Team. It will be added so others are aware of it.

If you have responded to a suspicious email and/or clicked on a link and entered any account or personal information, please immediately contact the IT Support Center  or your local departmental IT unit  and reset your account password  to prevent scammers from using your account.

How to Report a Phishing Scam

The UCLA Information Security Office requests that campus users report phishing messages to our team so that we can proactively alert campus users and bring awareness to widespread phishing campaigns. In order for the Information Security Office to take action in response to a reported phishing message, please follow these steps:

  1. Please follow instructions on How to Report a Phishing Scam
  2. Send the resulting message and attachment to security@ucla.edu with a subject line identifying the message as a phishing report.

It is important to be aware of fraudulent phishing schemes. Check back here as we update the list below with known phishing attempts.

Date Title Description
05/11/2022 JOB POSITION! ​​​​​​​We urgently require the services  of  students  to  fill the position of Research assistants on a part time basis and get  paid $350  weekly. The position can be  served remotely and materials needed  to  work with will  be  provided  by the  department .
05/04/2022 Internship UCLA Review following security advisories related to recent job scams at UCLA and stay secure.
04/01/2022 Paycheck Avoid mobile deposit scams.
03/18/2022 Final Report for ... Spear phishing attempt is a carefully crafted personalized email that is usually sent with an attachment or requests a response. The fraudster then tries to entice the recipient to open the infected attachment or respond with personal information.
03/14/2022 ‘Are you busy?’, “Hi,” or “Urgent”. E-mail Scam We have reports from faculty and staff who have been recipients of a new twist on an old e-mail scam. These phishing scams often come from a non-UCLA email address with poor spelling/grammar.
03/07/2022 Avoid Package Delivery Scams You should never click a link or call back the number from an unexpected delivery notice.
03/03/2022 Job Scams at UCLA

UCLA Information Security Office is aware of UCLA students being targeted by fake job offer scams. Please read our recent Security Advisory regarding 

Job Opportunity Scams at UCLA - Department of Computer Science.

10/01/2021 Impersonation email campaign: Send me your available cell number

Recently UCLA has seen a significant increase in the volume of “impersonation” email campaigns affecting the campus community. These email campaigns rely on social engineering tactics and generally involve the creation of a Gmail account with a very similar email address to a senior UCLA executive in a deception attempt to coerce the recipient into a response.

05/21/2020 EVC/Provost Opportunity Phish Below is a sample phishing email that was recently sent out. If you receive this, please do not respond to it and do not click on any hyperlinks.
04/12/2020 Settings Changed Phish Below is a sample phishing email that was recently sent out. If you receive this, please do not respond to it and do not click on any hyperlink. From: Microsoft Web-Team [mailto:Outlook@@ @ trx.outlok.com] Sent: Friday, January 26, 2018 4:16 AM To: Subject: settings changed Importance: High Outlook Office365 Email   We detected a recent sign-in Windows device. You are getting this email to make sure it was you. To help keep you safe, we require an extra security challenge   Click Here   This action will take a brief period before this request takes effect This is a mandatory communication about the service. To set communication preferences for other cases. © 2018 Outlook-Corporation All Rights Reserved Terms of use Privacy & Cookies
03/31/2020 HR Team Phish Below is a sample phishing email that was recently sent out. If you receive this, please do not respond to it and do not click on any hyperlinks. From: [username]@ucla.edu Subject: HR Team Greetings: You have a message from the HR Department Click here to view your message Sincerely, The Human Resources Talent Acquisition Team This is an automatically generated email, please do not reply.
03/25/2020 [username]@[campus unit].ucla.edu Password Expiration Phish Below is a sample phishing email that was recently sent out. If you receive this, please do not respond to it and do not click on any hyperlinks. From: IT Help Desk Subject: [username]@[campus unit].ucla.edu password expiration [campus unit].ucla.edu Hello [username] Password for [username]@[campus unit].ucla.edu expires today Tuesday, March 23, 2021 at 2:34 PM Keep Same Password [campus unit].ucla.edu (c) 2021
03/25/2020 UNICEF Part-Time Job Opportunity Phish Below is a sample phishing email that was recently sent out. If you receive this, please do not respond to it and do not click on any hyperlinks. TEXT OF PHISHING EMAIL From: [username]@ucla.edu Subject: UNICEF PART – TIME JOB OPPORTUNITY Good Day, I am a staff hear at the institution, a professor of Medicine shared a link for students who might be interested in PAID UNICEF PART-TIME POSITION job to make up to $400 (USD) weekly. Follow the link below for more info regarding the position – CLICK HERE NOTE: THIS IS STRICTLY A WORK FROM HOME POSITION. Sincerely, Dr. Daniel Spencer
03/06/2020 Staff & Employee Benefits Phish Below is a sample phishing email that was recently sent out. If you receive this, please do not respond to it and do not click on any hyperlinks. From:   Sent: Friday, March 6, 2020 5:41 AM To: Subject: Staff & Employee Benefit All staff & employee are expected to  verify their email account for new payroll directory and adjustment for the month of March  benefit payment. Please kindly  Click MARCH-BENEFIT and complete the required directive to avoid omission of your benefit payment for March 2020 Thank you, Help Desk.
03/03/2020 Recalculation of your Tax Refund Payment Phish Below is a sample phishing email that was recently sent out. If you receive this, please do not respond to it and do not click on any hyperlinks. From: IRS Subject: Recalculation of your Tax Refund Payment Internal Revenue Service (IRS) Dear Applicant, After the last calculations of your annual tax refund, we have determined that you are eligible to receive an extra tax refund of 1400.00 USD Please submit the tax refund request and click here by having your tax refund sent to your account in due time. Please do not reply as the email address is not monitored for received mail.