Phish Bowl/Phishing Scams
The UCLA Information Security Office advises faculty, staff, and students to be vigilant when opening emails from unknown, suspicious, or unexpected senders. Some of these messages can contain malicious content in the form of infected file attachments or attempts to steal personal information through carefully-crafted social engineering campaigns.
These emails, collectively called "phishing emails," or "phishing scams," are designed to trick campus users into providing their passwords and other identifying information to attackers. They can also be designed to extort money or trick users into navigating to fake login pages, which can sometimes mimic the look of well-known logon screens, like the UCLA Logon page.
How to Report a Phishing Scam
The UCLA Information Security Office requests that campus users report phishing messages to our team so that we can proactively alert campus users and bring awareness to widespread phishing campaigns. In order for the Information Security Office to take action in response to a reported phishing message, please refer to the following instructions for your email client::
It is important to be aware of fraudulent phishing schemes. Check back here for known phishing attacks.
| Date | Phishing Alert | Description |
|---|---|---|
| 06/03/20 | Staff & Employee Benefits | Phishing email asking users to click a link to verify their email and receive a monthly benefit payment |
| 11/13/19 | we need you only if you are interested | Phishing email posing as Amazon; asks for personal details and promises money to a "Mystery Shopper" |
| 10/16/19 | NEW PAYROLL SERVICE | Phishing email asking for employee details for upgraded payroll services |
| 10/15/19 | Question – application for a Professor position | Phishing email enquiring after university details to apply as a professor |
| 9/17/19 | RE: ICT Technical Support | Phishing email about migrating Outlook Web App 2019 accounts |
| 9/2/19 | Urgent Hire | Phishing email about a part-time position |
| 8/9/19 | Subject: Re:DF | Phishing email saying account will be unable to send or receive messages |
| 8/7/19 | help desk | Phishing email saying e-mail password is expiring |
| 7/19/19 | About: Ownership Confirmation of [account]@ucla.edu | Phishing email asking for account ownership confirmation |
| 7/17/19 | Re: Mailbox limit have exceeded | Phishing email pretending to be from a helpdesk |
| 7/12/19 | Email Alert From UCLA Division of Astronomy & Astrophysics | Phishing email asking the user to update their password |
| 6/13/19 | Dr. Karen L Gordes WORK-STUDY | Phishing email offering workstudy opportunity |
| 5/29/19 | Phishing email offering an internship and work study | |
| 5/28/19 | Sextortion Scam | Phishing email saying they have explicit content |
| 5/28/19 | RE: Action Required: Update your payment information now | Phishing email saying payment has been declined |
| 5/28/19 | New Important Article | Phishing email directing students, faculty and staff to view a new website article |
| 5/28/19 | Voicemails | Phishing email saying there are new voicemails from Anna Aman |
| 5/24/19 | ATTENTION!!! | Phishing email claiming UCLA webmail important update |
| 5/23/19 | PART TIME OPEN JOB POSITION CISCOsystems | Phishing email offering a part-time job at CISO |
| 5/23/19 | Part-time employment opportunity from Dr. Josh Brolin | Phishing email offering a part-time job from Dr. Josh Brolin |
| 2/26/19 | shipping/delivery Company/agent | Phishing email about abandoned shipment |
| 2/26/19 | FW!!!Good Afternoon***** | Phishing email telling users they've been selected to work with Edward R. Carr |
| 2/26/19 | Your Chase Online: Action Required | Phising email saying user needs to review their account |
| 2/6/19 | Security Notice. Someone have access to your system. | Phishing email blackmailing user for bitcoin. |
| 12/21/18 | good news | Phishing email with attachment telling user they've won a Gmail Lottery Award. |
| 12/14/18 | [email protected][.]ORG HAS SHARED DIRECTORY - RADFORD UNIVERSITY | Phishing email advertising part-time work. |
| 12/4/18 | Survey invitation to evaluate Steven Jonas | Phishing email asking users to take a survey. |
| 11/30/18 | Re: IT Service Desk | Phishing email claiming to be from the IT Help Desk Team, asking the user to click on a link to update Outlook Web Access. |
| 11/30/18 | 1 New Unread Email | Phishing email claiming to be from UCLA CS. |
| 11/30/18 | [email protected] | Phishing email advertising a survey evaluation job from Radford University. |
| 11/5/18 | Billing Problem (Apple ID) | Phishing email posing as Apple asking user to click and verify information. |
| 10/12/18 | Skype Message - Board Meeting Scheduled | Phishing email that states: "a meeting was schedule with you on skype" with link to click. |
| 10/9/18 | Action Required: Email Account Synchronization Failed | Phishing email telling users they need to click on link to switch to a new web interface. |
| 10/9/18 | Phishing email asking UCLA user to synchronize their mail. | |
| 10/4/18 | Payment Successful | Phishing email posing as Apple asking users to sign in with Apple ID. |
| 10/4/18 | ITHelp Desk | Phishing email asking users to validate account and click validation link. |
| 10/4/18 | RE: Support Desk | Phishing email asking faculty/staff and employees to click link to update Outlook for 2018. |
| 10/3/18 | Your Mailbox De-activation Notice | Phishing email asking users to verify their identity by clicking on a link. |
| 10/3/18 | Email Policy Updates | Phishing email posing as Outlook Web app asking users to enter email and password. |
| 9/20/18 | Unauthorized Failed Access | Phishing email posing as Bank of America asking user to click on link. |
| 9/14/18 | FSA Phishing - Malicious Campaign Alert | Multiple institutions of higher education have reported that attackers are using a phishing email to obtain access to student accounts via their student portal. |
| 9/14/18 | Google Accounts - Your Account Will Be Deactivated | Phishing email with notice: "This is to inform you that your request on: [DATE] to remove your account from gmail.com server has been approved and will initiate in one hour from the exact time you open this message." |
| 9/12/18 | Part-time Job Opportunity (Multiple Scam Variants) | Phishing email advertising jobs for drivers willing to advertise "Australian Open" on their cars |
| 9/11/18 | Attention UCLA User | Phishing email posing as UCLA server asking for login and password information |