SUBJECT:

Beware of Email Phishing Scams

UC San Diego faculty, staff, and students are often the target of attempts to gain login credentials or personal information, also known as phishing. Phishing is the practice of requesting confidential information in an email that looks like it came from an institution such as a university, bank, IRS, USA or other government, law firm, the Post Office, UPS, FedEx, Amazon, eBay, PayPal, or any store or social media.

There has been a recent increase in phishing attempts that claim to be from a UC San Diego department. Sometimes the email says that your email account is over quota, that you must click a link to reactivate or update your account, or that you must provide login information to keep your account active. These are fraudulent attempts to gain access to your credentials or personal information.

You can assist us in blocking links and removing phishing messages from UC San Diego mailboxes by forwarding these messages to abuse@ucsd.edu.

To protect yourself from phishing attempts:

-Never share your passwords with anyone.

-UCSD, UCSD ITS, your bank, FedEx, the IRS, your credit card company, etc., will never ask for your password by email, phone, text message, or in person.

-Financial institutions might communicate with you via secure messaging, and you may receive an email from a financial institution informing you of that private message, but the institution will never ask for your personal information or password.

-Do not click on any embedded buttons in a phishing email, especially those that say "unsubscribe" or "remove me from this mailing list." These links often install malware on your systems.

If you have any questions about phishing, you can always consult your department systems administrator or ITS at postmaster@ucsd.edu.

Brian DeMeulle Executive Director - IT Infrastructure & Operations Acting Chief Information Security Officer UC San Diego IT Services Ken Wottge Chief Information Security Officer UC San Diego Health