Email Scam Alerts

August 27, 2015

> Go to IT Security Home page
Go to IT Security News page
> Go to "Beware of Scams" page

August 27, 2015 - Latest Scam

To: UCSC Community
Fr: Lisa Bono, Information Technology Services

I am writing to alert you about an email scam that appears to be from IT HELP DESK <cole_sawyer-my.uri.edu> asking you to click on a link to renew your UCSC.edu mail account. It's a scam! DELETE IT.

The link will lead you to a form asking for your CruzID username and Gold password. DO NOT give out this information.

This is an excellent reminder to never click on mystery links or open unexpected attachments without first verifying the legitimacy of the message. If you can’t verify that a message is legitimate, delete it. For additional information, visit http://its.ucsc.edu/security/scams.html.

If you were affected by this scam or have questions, please submit an IT Request ticket at http://itrequest.ucsc.edu or contact the ITS Support Center by email help@ucsc.edu, telephone 459-HELP(4357), or in-person Kerr Hall Room 54.

Thank you.

---

A copy of the email scam is below. If you receive this email, DO NOT reply or click on the link. Just delete it.

From: IT HELP DESK <cole_sawyer@my.uri.edu>
Subject: IT Help desk
Date: August 27, 2015 at 10:24:38 AM PDT
To: undisclosed-recipients:;

NOTIFICATION

Your account will been suspended in the nest three hours you can not send or receive until you renew your UCSC.edu mail account follow the link and fill the information to renew your mail box

<<link omitted>>

Thanks IT Help desk


August 12, 2015

A particularly convincing phishing scam was sent to several hundred people at UCSC Wednesday evening, August 12, 2015. As a reminder, do not click on links or open attachments in any unsolicited email, especially if the message is asking you for personal information or to revalidate/confirm accounts. ITS and other reputable organizations will NEVER ask for this information.

On the surface, the email appeared to be from a UCSC staff person many of the recepients know and trust. The email included a realistic-looking image that appeared to be from Dropbox, saying, “This user used Dropbox to share a file with you!” along with a “Click here to view” link to access the file.

Although this email appeared to be authentic, this was, in fact, a sophisticated, targeted phish. Messages like this are often called “spear phishing” because they are so targeted.

People who clicked on the link were taken to a fake Dropbox page that prompted them to select their email provider and enter their email userID and password, thereby giving their CruzID and Blue password to the attacker. They were then prompted to download and install a file, possibly compromising their computer.

This is an excellent reminder that no matter how legitimate an email appears, NEVER click on mystery links or open unexpected attachments without first verifying the legitimacy of the message. If you can’t verify that a message is legitimate, DELETE IT.


February 23, 2015

UCSC staff and students were hit with the following email scam on February 23, 2015. As a reminder, do not click on links or open attachments in any unsolicited email, especially if the message is asking you for personal information or to revalidate/confirm accounts. ITS and other reputable organizations will NEVER ask for this information.

*****************************

Dear UCSC Students/ Staff E-mail Subscribers,

Your Santa Cruz Mailbox Account have exceeded the storage limit which is 100GB as set by your School Administrator, you are currently running on 23GB, you may not be able to send or receive new mails from your University Of California Google Account until you re-validate your Santa Cruz mailbox.

Click Here to Re-Validate your UCSC Account: [bogus link here]

Warning!!! All Santa Cruz Students/ Staff Account owners that refuse to Re-Validate his or her account within two days of receiving this email will lose his or her account permanently. AGB © upc cablecom GmbH 2015. We apologize for any inconvenience this may have caused you. Thank you for using our Santa Cruz Google Account E-mail.

Tech Support Customer
Care Case number: 8941624
Property: Account Security
Thank you for using our UCSC E-mail Service.
Copyright 2015


February 6, 2015 - Special Alert

Special phishing alert related to the recent Anthem Blue Cross/Blue Shield security breach.


February 5, 2015

A phishing email with the subject "Reminder.." that appears to be from "University Of California <jhowry@ucsc.edu> or <japhan@ucsc.edu>" hit campus on February 5th (see sample below). Please note: This is the EXACT SAME phishing email that was sent in the Jan 21st attempt described below. Only the expanded "from" address is different.

This email is an attempt to trick you into clicking on a link and providing your account information to hackers.

As with all emails that ask you for personal information or attempt to get you to click on an unknown link or attachment, report the email to Google as phishing, then delete it. Never respond or reply to these emails.

A sample of this email scam reads as follows. DO NOT RESPOND TO THIS EMAIL.

****************

From: University Of California <jhowry@ucsc.edu> or <japhan@ucsc.edu>
Date: Thurs, Feb 5, 2015
Subject: Reminder..

Dear ucsc.edu Account User,

This is a courtesy notice from your ucsc.edu Admin Team, and it's to inform you that your email account has exceeded it's mail quota on the database server. Your email account will be blocked from sending and receiving emails if your email account is not verified within 24-48 hours.

You are advised to click the following link below and also follow the instructions to verify your account.

Link omitted.

Thanks,
ucsc.edu IT Service Desk.


January 21, 2015

The following phishing email hit campus on January 21 (see sample below). This email is an attempt to trick you into clicking on a link and providing your account information to hackers.

As with all emails that ask you for personal information or attempt to get you to click on an unknown link or attachment, report the email to Google as phishing, then delete it. Never respond or reply to these emails.

A sample of this email scam reads as follows. DO NOT RESPOND TO THIS EMAIL.

****************

From: University Of California <ailin@udd.cl>
Date: Wed, Jan 21, 2015

Dear ucsc.edu Account User,

This is a courtesy notice from your ucsc.edu Admin Team, and it's to inform you that your email account has exceeded it's mail quota on the database server. Your email account will be blocked from sending and receiving emails if your email account is not verified within 24-48 hours.

You are advised to click the following link below and also follow the instructions to verify your account.

Link omitted.

Thanks,

ucsc.edu IT Service Desk.


January 13, 2015

University students and employees across the United States have been the target of two different email scams on January 13, 2015. Please be aware of the following FBI warnings and remember to report phishing scams to Google. 

To report phishing to Google:

You must do this from your email on the web. If you don't normally access your email via the web, go to mail.google.com and log in with your username and CruzID Blue password. When your mailbox loads, select the message you'd like to report.

  • For spam, click on the spam button in the toolbar above your message list (the one that looks like a stop sign with an exclamation mark).
  • To report phishing, please open the message and click on the little drop-down arrow next to the reply button in the top right corner of the email and select "Report phishing" (you can also report spam this way).

General cyber security recommendations are available at: http://its.ucsc.edu/security/. Additional information about avoiding scams is available at: http://its.ucsc.edu/security/scams.html


September 25, 2014

The following phishing email hit campus today (see sample below). This email is an attempt to trick you into clicking on a link and providing your account information to hackers.

As with all emails that ask you for personal information or attempt to get you to click on an unknown link or attachment, report the email to Google as phishing, then delete it. Never respond or reply to these emails.

If you you did click on the link, please contact the ITS Support Center for assistance at https://itrequest.ucsc.edu or by email at help@ucsc.edu, or telephone at 459-HELP(4357).

General cyber security recommendations are available at: http://its.ucsc.edu/security/.
Additional information about avoiding scams is available at http://its.ucsc.edu/security/scams.html

A sample of this email scam reads as follows. DO NOT RESPOND TO THIS EMAIL.

****************

From: UNIVERSITY OF CALIFORNIA <econtesd@ucsc.edu>
Date: Thu, Sep 25, 2014
Subject: Dear Students / Staff Subscribe
To:

Dear Students / Staff Subscriber,

This is to inform all Santa Cruz Staffs and students that we are currently experiencing some serious technical problems with our servers due to some internet criminals, please be informed, do not give your information to anyone claiming to be your Santa Cruz Webmail Administrator , unless we asked you to do so. Therefore, we would be shutting down all unused Santa Cruz Students / Staffs accounts that have not checked their emails to avoid further damage from spammers and Internet deactivation of your account, you will need to confirm your email address to enable us serve and protect your Santa Cruz E-mail account from spammers.

Click here to upgrade your Santa Cruz Account: <<link omitted>>

*Important*Please make sure you fill the said form with your complete information correctly otherwise due to security reasons we may have no choice than to close your email account temporarily.

Warning!!! All Students and Staff of Santa Cruz that refuse to update his or her account within two days of receiving this email will lose his or her account permanently. AGB © upc cablecom GmbH 2013. We apologize for any inconvenience this may have caused you. Thank you for using Santa Cruz Webmail

Tech Support Customer Care
Case number: 8941624
Property: Account Security
Thank you for using our University Webmail Service.
Copyright 2014: University Of California: Santa Cruz.


September 13, 2014

Over the weekend, UCSC was hit with the following phishing email (see sample below).
Please note: This is the EXACT SAME phishing email that was sent in the July 14th attempt described below.

This email is an attempt to trick you into clicking on a link and providing your account information to hackers. As with all emails that ask you for personal information or attempt to get you to click on an unknown link or attachment, report the email to Google as phishing, then delete it. Never respond or reply to these emails.

If you you did click on the link, please contact the ITS Support Center for assistance at https://itrequest.ucsc.edu or by email at help@ucsc.edu, or telephone at 459-HELP(4357).

To report phishing to Google:

You must do this from your email on the web. If you don't normally access your email via the web, go to mail.google.com and log in with your username and CruzID Blue password. When your mailbox loads, select the message you'd like to report.

  • For spam, click on the spam button in the toolbar above your message list (the one that looks like a stop sign with an exclamation mark).
  • To report phishing, please open the message and click on the little drop-down arrow next to the reply button in the top right corner of the email and select "Report phishing" (you can also report spam this way).

General cyber security recommendations are available at: http://its.ucsc.edu/security/. Additional information about avoiding scams is available at http://its.ucsc.edu/security/scams.html

A sample of this email scam reads as follows. DO NOT RESPOND TO THIS EMAIL.

****************

Dear Students / Staff Subscriber,

We are experiencing some serious technical problems with our servers. Therefore, we would be shutting down all unused ucsc accounts to avoid further manages and to avoid deactivation of your account, you will have to re-confirm your e-mail address by Clicking on the link below and fill the said form to enable us carry out with our upgrade.

Click here to upgrade your ucsc Account: <<link omitted>>

*Important*Please make sure you fill the said form with your complete information correctly otherwise due to security reasons we may have to close your ucsc mail account temporarily.

Tech Support Customer Care
Case number: 8941624
Property: Account Security

Thank you for using our Santa Cruz University Webmail Service.
Copyright 2014


July 14, 2014

Please be advised of an EMAIL SCAM that appears to be from "University of California" with the subject, "Notice!".

This email is an attempt to trick you into clicking on a bogus link to update your account information. Do not reply to this email. Please report the email to Google as phishing, then delete it; do not respond.

This is an excellent reminder not to reply to unknown or unsolicited emails. 

If you have a question or replied to the scam email, please submit an IT Request ticket at https://itrequest.ucsc.edu or contact the ITS Support Center at help@ucsc.edu, 459-HELP (4357), or in-person at Kerr Hall Room 54.

General cyber security recommendations are available at: http://its.ucsc.edu/security/. Additional information about avoiding scams is available at http://its.ucsc.edu/security/scams.html

A sample of this email scam reads as follows. DO NOT RESPOND TO THIS EMAIL.

****************

Dear Students / Staff Subscriber,

We are experiencing some serious technical problems with our servers. Therefore, we would be shutting down all unused ucsc accounts to avoid further manages and to avoid deactivation of your account, you will have to re-confirm your e-mail address by Clicking on the link below and fill the said form to enable us carry out with our upgrade.

Click here to upgrade your ucsc Account: <<link omitted>>

*Important*Please make sure you fill the said form with your complete information correctly otherwise due to security reasons we may have to close your ucsc mail account temporarily.

Tech Support Customer Care
Case number: 8941624
Property: Account Security

Thank you for using our Santa Cruz University Webmail Service.
Copyright 2014