Phish Bowl/Phishing Scams

The UCLA Information Security Office advises faculty, staff, and students to be vigilant when opening emails from unknown, suspicious, or unexpected senders. Some of these messages can contain malicious content in the form of infected file attachments or attempts to steal personal information through carefully-crafted social engineering campaigns.

These emails, collectively called "phishing emails," or "phishing scams," are designed to trick campus users into providing their passwords and other identifying information to attackers.  They can also be designed to extort money or trick users into navigating to fake login pages, which can sometimes mimic the look of well-known logon screens, like the UCLA Logon page.

How to Report a Phishing Scam

The UCLA Information Security Office requests that campus users report phishing messages to our team so that we can proactively alert campus users and bring awareness to widespread phishing campaigns. In order for the Information Security Office to take action in response to a reported phishing message, please refer to the following instructions for your email client::

It is important to be aware of fraudulent phishing schemes. Check back here for known phishing attacks.

DatePhishing AlertDescription
06/03/20Staff & Employee BenefitsPhishing email asking users to click a link to verify their email and receive a monthly benefit payment
11/13/19we need you only if you are interestedPhishing email posing as Amazon; asks for personal details and promises money to a "Mystery Shopper"
10/16/19NEW PAYROLL SERVICEPhishing email asking for employee details for upgraded payroll services
10/15/19Question – application for a Professor positionPhishing email enquiring after university details to apply as a professor
9/17/19RE: ICT Technical SupportPhishing email about migrating Outlook Web App 2019 accounts
9/2/19Urgent HirePhishing email about a part-time position
8/9/19Subject: Re:DFPhishing email saying account will be unable to send or receive messages
8/7/19help deskPhishing email saying e-mail password is expiring
7/19/19About: Ownership Confirmation of [account]@ucla.eduPhishing email asking for account ownership confirmation
7/17/19Re: Mailbox limit have exceededPhishing email pretending to be from a helpdesk
7/12/19Email Alert From UCLA Division of Astronomy & AstrophysicsPhishing email asking the user to update their password
6/13/19Dr. Karen L Gordes WORK-STUDYPhishing email offering workstudy opportunity


Phishing email offering an internship and work study
5/28/19Sextortion ScamPhishing email saying they have explicit content 
5/28/19RE: Action Required: Update your payment information nowPhishing email saying payment has been declined
5/28/19New Important ArticlePhishing email directing students, faculty and staff to view a new website article
5/28/19VoicemailsPhishing email saying there are new voicemails from Anna Aman
5/24/19ATTENTION!!!Phishing email claiming UCLA webmail important update
5/23/19PART TIME OPEN JOB POSITION CISCOsystemsPhishing email offering a part-time job at CISO
5/23/19Part-time employment opportunity from Dr. Josh BrolinPhishing email offering a part-time job from Dr. Josh Brolin
2/26/19shipping/delivery Company/agentPhishing email about abandoned shipment
2/26/19FW!!!Good Afternoon*****Phishing email telling users they've been selected to work with Edward R. Carr
2/26/19Your Chase Online: Action RequiredPhising email saying user needs to review their account
2/6/19Security Notice. Someone have access to your system.Phishing email blackmailing user for bitcoin.
12/21/18good newsPhishing email with attachment telling user they've won a Gmail Lottery Award.
12/14/18[email protected][.]ORG HAS SHARED DIRECTORY - RADFORD UNIVERSITYPhishing email advertising part-time work. 
12/4/18Survey invitation to evaluate Steven JonasPhishing email asking users to take a survey.
11/30/18Re: IT Service DeskPhishing email claiming to be from the IT Help Desk Team, asking the user to click on a link to update Outlook Web Access.
11/30/181 New Unread EmailPhishing email claiming to be from UCLA CS.
11/30/18[email protected]Phishing email advertising a survey evaluation job from Radford University.
11/5/18Billing Problem (Apple ID)Phishing email posing as Apple asking user to click and verify information.
10/12/18Skype Message - Board Meeting ScheduledPhishing email that states: "a meeting was schedule with you on skype" with link to click.  
10/9/18Action Required: Email Account Synchronization FailedPhishing email telling users they need to click on link to switch to a new web interface.
10/9/18Phishing email asking UCLA user to synchronize their mail.
10/4/18Payment SuccessfulPhishing email posing as Apple asking users to sign in with Apple ID.
10/4/18ITHelp DeskPhishing email asking users to validate account and click validation link.
10/4/18RE: Support DeskPhishing email asking faculty/staff and employees to click link to update Outlook for 2018.
10/3/18Your Mailbox De-activation NoticePhishing email asking users to verify their identity by clicking on a link.
10/3/18Email Policy UpdatesPhishing email posing as Outlook Web app asking users to enter email and password.
9/20/18Unauthorized Failed AccessPhishing email posing as Bank of America asking user to click on link.
9/14/18FSA Phishing - Malicious Campaign AlertMultiple institutions of higher education have reported that attackers are using a phishing email to obtain access to student accounts via their student portal.
9/14/18Google Accounts - Your Account Will Be DeactivatedPhishing email with notice: "This is to inform you that your request on: [DATE] to remove your account from server has been approved and will initiate in one hour from the exact time you open this message."
9/12/18Part-time Job Opportunity (Multiple Scam Variants)Phishing email advertising jobs for drivers willing to advertise "Australian Open" on their cars
9/11/18Attention UCLA UserPhishing email posing as UCLA server asking for login and password information