Office of the Chief Information Security Officer

The UCLA Information Security Office would like to raise awareness and urge caution related to an external website impersonating the legitimate UCLA Single Sign On (SSO) Authentication page to carry out credential harvesting attacks. The tactic relies on deceiving individuals to visit the page, often via a phishing email, and then inputting their credentials into the username/password field under the presumption that it is the legitimate UCLA SSO page. We are in the process of collaborating with our partners to shut down the host.

Fraudulent Employee Direct Deposit Information Urgent Update Requests

UCLA students report getting scammed for UCLA Football tickets in group chats.

Spear phishing attempt is a carefully crafted personalized email that is usually sent with an attachment or requests a response. The fraudster then tries to entice the recipient to open the infected attachment or respond with personal information.

We have reports from faculty and staff who have been recipients of a new twist on an old e-mail scam. These phishing scams often come from a non-UCLA email address with poor spelling/grammar.

UCLA Information Security Office is aware of UCLA students being targeted by fake job offer scams.

Below is a sample phishing email that was recently sent out. If you receive this, please do not respond to it and do not click on any hyperlinks.