KB0010539 - Identify Email Phishing Scams

Overview

Phishing (pronounced “fishing’) is an email scam designed to acquire sensitive information from people. The most successful phishing emails are designed to look like the email comes from a reputable source such as a known person or entity. UC San Diego faculty, staff, and students are often the target of attempts to gain login credentials or personal information through phishing scams that may claim to be coming from UC San Diego, UC San Diego IT Services, or a UC San Diego department. Sometimes the email says that your email account is over quota so you must click a link to reactivate or update your account, or that you must provide your user information to keep your account active. These are fraudulent attempts and should not be replied to or acted upon.

Think you can spot a phishing email when you see one? Sign up for the faux phishing campaign being run by IT Services Security. (Note: log in to your campus G Suite account to access this Google Form. If you don't have an enabled Google account, just send a request to cybersecurity@ucsd.edu to sign up instead.)

Critical Concepts

Never share your passwords with anyone
Do not click on any embedded buttons in a phishing email, especially those that say "unsubscribe" or "remove me from this mailing list." These links often install malware on your system.
Call the individual or office that purportedly sent the email to confirm that it is a real request.
Report phishing attempts and false senders to IT Services Security at abuse@ucsd.edu.

Steps to Take

Identify a phishing email

Look at this example of a phish message that is mocked up to show its telltale signs.

Remember UC San Diego will never ask for or ask you to confirm this information via email:

Account information
Password
Address
Personal information such as age, social security number, or home address

Though the signature of an email may include a legitimate UC San Diego department name or logo, this alone should not be used to determine whether an email is from UC San Diego. If you suspect a message is not a valid campus message, do not click links or open attachments. Call the individual or office that purportedly sent the email to confirm that it is a real request. You may also forward the message to the IT Security team at abuse@ucsd.edu.

Check a website link within an email

Phishers commonly put a link in their emails that looks valid but actually goes to a fake or imitation site. If you hover your mouse over the link (without clicking it) you can see the actual destination website address.

Do not click on a link if:

The address does not correspond to your expectations.
You see misspellings in the address.

If you are uncertain, use a search engine to look for the institution's page and see if the addresses match.

What to do with a suspicious email

Do not follow links to a webpage.
Do not fill out any forms that ask for personal or financial information.
IT Services continuously monitors for phishing emails and takes action when the message source can be reliably determined. If you believe you have received a phishing email, forward it to abuse@ucsd.edu.
Delete the message.

If you still have questions or need additional assistance, please submit a ticket or call the ITS Service Desk at (858) 246-4357