OFFICE OF THE CHIEF INFORMATION SECURITY OFFICER
OFFICE OF THE CHIEF INFORMATION SECURITY OFFICER,
UC SAN DIEGO HEALTH
|
|
|
ALL ACADEMICS AND STAFF AT UC SAN DIEGO, INCLUDING UC SAN DIEGO HEALTH
|
Urgent: Protect Yourself from UCPath Phishing Scams |
The Office of Information Assurance would like to alert you to an ongoing phishing scam targeting UCPath users across all University of California locations, including UC San Diego. The scam involves malicious domains and websites that mimic the legitimate UCPath website, aiming to steal your username, password, DUO MFA code, and UCPath security questions.
These attackers use the stolen information to log into UCPath, change your Direct Deposit information to a different bank account, and divert your pay to their bank account. You may be affected if you receive an email from UCPath titled "Direct Deposit Updated" without initiating the change.
To protect yourself:
|
-
Notify IT Security immediately if: You have received an email from UCPath titled “Direct Deposit Updated” without having initiated it, or a DUO notification without having initiated a DUO prompt. Campus users contact security@ucsd.edu. Health users contact hs-infosecurity@health.ucsd.edu.
- Verify your Direct Deposit information: Immediately check your UCPath account to ensure your Direct Deposit information is accurate. If it has been changed without your authorization, contact UCPath right away to correct it.
-
Only access UCPath through the official website: Always visit UCPath via ucpath.ucsd.edu and avoid searching for "UCPath" on search engines, which may lead to malicious domains.
-
Be cautious of phishing emails and websites: Be aware of emails or websites that ask for your UCPath login credentials, DUO MFA code, or security questions. Legitimate UCPath communications will not request this information via email or unsecured websites.
-
Update your security questions and reset your UC San Diego AD credentials: If you suspect you have been affected, change your UCPath security questions and reset your UC San Diego AD credentials at password.ucsd.edu to prevent further unauthorized access.
|
Kevin Chou
Acting Chief Information Security Officer, UC San Diego
Scott Currie
Chief Information Security Officer, UC San Diego Health
|
|
|
University of California San Diego, 9500 Gilman Drive, La Jolla, CA, 92093 |
|
|
|