Email Scam Alert - Sept 25, 2014

September 25, 2014

> Go to IT Security Home page
Go to IT Security News page
> Go to "Beware of Scams" page


September 25, 2014 - Latest Scam

The following phishing email hit campus today (see sample below). This email is an attempt to trick you into clicking on a link and providing your account information to hackers.

As with all emails that ask you for personal information or attempt to get you to click on an unknown link or attachment, report the email to Google as phishing, then delete it. Never respond or reply to these emails.

If you you did click on the link, please contact the ITS Support Center for assistance at https://itrequest.ucsc.edu or by email at help@ucsc.edu, or telephone at 459-HELP(4357).

General cyber security recommendations are available at: http://its.ucsc.edu/security/.
Additional information about avoiding scams is available at http://its.ucsc.edu/security/scams.html

A sample of this email scam reads as follows. DO NOT RESPOND TO THIS EMAIL.

****************

From: UNIVERSITY OF CALIFORNIA <econtesd@ucsc.edu>
Date: Thu, Sep 25, 2014
Subject: Dear Students / Staff Subscribe
To:

Dear Students / Staff Subscriber,

This is to inform all Santa Cruz Staffs and students that we are currently experiencing some serious technical problems with our servers due to some internet criminals, please be informed, do not give your information to anyone claiming to be your Santa Cruz Webmail Administrator , unless we asked you to do so. Therefore, we would be shutting down all unused Santa Cruz Students / Staffs accounts that have not checked their emails to avoid further damage from spammers and Internet deactivation of your account, you will need to confirm your email address to enable us serve and protect your Santa Cruz E-mail account from spammers.

Click here to upgrade your Santa Cruz Account: <<link omitted>>

*Important*Please make sure you fill the said form with your complete information correctly otherwise due to security reasons we may have no choice than to close your email account temporarily.

Warning!!! All Students and Staff of Santa Cruz that refuse to update his or her account within two days of receiving this email will lose his or her account permanently. AGB © upc cablecom GmbH 2013. We apologize for any inconvenience this may have caused you. Thank you for using Santa Cruz Webmail

Tech Support Customer Care
Case number: 8941624
Property: Account Security
Thank you for using our University Webmail Service.
Copyright 2014: University Of California: Santa Cruz.


September 13, 2014

Over the weekend, UCSC was hit with the following phishing email (see sample below).
Please note: This is the EXACT SAME phishing email that was sent in the July 14th attempt described below.

This email is an attempt to trick you into clicking on a link and providing your account information to hackers. As with all emails that ask you for personal information or attempt to get you to click on an unknown link or attachment, report the email to Google as phishing, then delete it. Never respond or reply to these emails.

If you you did click on the link, please contact the ITS Support Center for assistance at https://itrequest.ucsc.edu or by email at help@ucsc.edu, or telephone at 459-HELP(4357).

To report phishing to Google:

You must do this from your email on the web. If you don't normally access your email via the web, go to mail.google.com and log in with your username and CruzID Blue password. When your mailbox loads, select the message you'd like to report.

  • For spam, click on the spam button in the toolbar above your message list (the one that looks like a stop sign with an exclamation mark).
  • To report phishing, please open the message and click on the little drop-down arrow next to the reply button in the top right corner of the email and select "Report phishing" (you can also report spam this way).

General cyber security recommendations are available at: http://its.ucsc.edu/security/. Additional information about avoiding scams is available at http://its.ucsc.edu/security/scams.html

A sample of this email scam reads as follows. DO NOT RESPOND TO THIS EMAIL.

****************

Dear Students / Staff Subscriber,

We are experiencing some serious technical problems with our servers. Therefore, we would be shutting down all unused ucsc accounts to avoid further manages and to avoid deactivation of your account, you will have to re-confirm your e-mail address by Clicking on the link below and fill the said form to enable us carry out with our upgrade.

Click here to upgrade your ucsc Account: <<link omitted>>

*Important*Please make sure you fill the said form with your complete information correctly otherwise due to security reasons we may have to close your ucsc mail account temporarily.

Tech Support Customer Care
Case number: 8941624
Property: Account Security

Thank you for using our Santa Cruz University Webmail Service.
Copyright 2014


July 14, 2014

Please be advised of an EMAIL SCAM that appears to be from "University of California" with the subject, "Notice!".

This email is an attempt to trick you into clicking on a bogus link to update your account information. Do not reply to this email. Please report the email to Google as phishing, then delete it; do not respond.

This is an excellent reminder not to reply to unknown or unsolicited emails. 

If you have a question or replied to the scam email, please submit an IT Request ticket at https://itrequest.ucsc.edu or contact the ITS Support Center at help@ucsc.edu, 459-HELP (4357), or in-person at Kerr Hall Room 54.

General cyber security recommendations are available at: http://its.ucsc.edu/security/. Additional information about avoiding scams is available at http://its.ucsc.edu/security/scams.html

A sample of this email scam reads as follows. DO NOT RESPOND TO THIS EMAIL.

****************

Dear Students / Staff Subscriber,

We are experiencing some serious technical problems with our servers. Therefore, we would be shutting down all unused ucsc accounts to avoid further manages and to avoid deactivation of your account, you will have to re-confirm your e-mail address by Clicking on the link below and fill the said form to enable us carry out with our upgrade.

Click here to upgrade your ucsc Account: <<link omitted>>

*Important*Please make sure you fill the said form with your complete information correctly otherwise due to security reasons we may have to close your ucsc mail account temporarily.

Tech Support Customer Care
Case number: 8941624
Property: Account Security

Thank you for using our Santa Cruz University Webmail Service.
Copyright 2014


December 9, 2013

Please be advised of an EMAIL SCAM that appears to be from "University of California, Santa Cruz <ucsc.library.its@gmail.com>" with the subject, "Off Campus Access - Barcode Deactivation Due Date".

This email is an attempt to trick you into replying to the email with your Library barcode number. Do not reply to this email. Please report the email to Google as phishing, then delete it; do not respond.

This is an excellent reminder not to reply to unknown or unsolicited emails. 

If you have a question or replied to the scam email with your barcode number, please submit an IT Request ticket at https://itrequest.ucsc.edu or contact the ITS Support Center at help@ucsc.edu, 459-HELP (4357), or in-person at Kerr Hall Room 54.

General cyber security recommendations are available at: http://its.ucsc.edu/security/. Additional information about avoiding scams is available at http://its.ucsc.edu/security/stay-secure/minreq/scams.html

A sample of this email scam reads as follows. DO NOT RESPOND TO THIS EMAIL.

****************

From: University of California, Santa Cruz <ucsc.library.its@gmail.com>
Date: December 8, 2013 9:29:59 AM PST

Subject: Off Campus Access - Barcode Deactivation Due Date

Dear Off-campus User,

As you may know, your library contracts with a variety of vendors and publishers to provide users with thousands of electronic resources (databases, e-journals, e-books, etc.) costing millions of dollars per year.

In addition to paying for these resources, libraries typically negotiate license agreements that stipulate how and by whom a given resource may be used. If license terms are violated by anyone, licensors may temporarily suspend access for the entire university community. In cases where a resolution cannot be reached, the vendor may have the right to permanently revoke a license and access to the resource.

There is only one option for identifying yourself to the library authentication system: 

Log In with Your Library Credentials (Library Card Barcode)

For some security measures, beginning January 2014 the barcode will be deactivated automatically. Therefore, to prevent this process, please reply back to this email by filling the below line.

Enter all 14 digits of your "Library Barcode" without spaces or hyphens (Start with 222 or 221060):

Important Note: UCSC will never request your password or other personal information such as UCSC single sign on credential. Messages requesting such information are fraudulent and should be deleted. Messages containing links to websites should also be inspected closely as they may send you to false websites. This is an automated email generated for the mentioned purpose only. For any other inquires about your library account or card, please contact the Library Service Desk at the McHenry or Science & Engineering Library by phone at (831) 459-5185 or (831) 459-5300, or e-mail to circulation@library.ucsc.edu. Please include your name and barcode number in correspondence.


October 10, 2013

Please be advised of an EMAIL SCAM that appears to be from "UCSC.EDU <adventur@tstt.net.tt>" with the subject, "WARNING: YOUR MAILBOX HAS EXCEEDED 19.8GB".

This email is an attempt to trick you into clicking on a malicious link. Do not click on the link. Please report the email to Google as phishing, then delete it; do not respond.

This is an excellent reminder not to click on unknown or unsolicited links in email, texts, or online (such as in Facebook or Twitter). 

If you have a question or clicked on the link, please submit an IT Request ticket at https://itrequest.ucsc.edu or contact the ITS Support Center at help@ucsc.edu, 459-HELP (4357), or in-person at Kerr Hall Room 54.

General cyber security recommendations are available at: http://its.ucsc.edu/security/. Additional information about avoiding scams is available at http://its.ucsc.edu/security/stay-secure/minreq/scams.html

A sample of this email scam reads as follows. DO NOT RESPOND TO THIS EMAIL. DO NOT CLICK ON THE LINK.

****************

 From: UCSC.EDU <adventur@tstt.net.tt>
Date: Thu, Oct 10, 2013 at 11:52 AM
 Subject: WARNING: YOUR MAILBOX HAS EXCEEDED 19.8GB
To:

Dear UCSC User,

We have just upgraded our server to serve you better.
Your email account would be blocked from sending and receiving emails if your email account is not verified with in 48hrs.
You are required to upgrade your email account immediately to avoid account suspension / De-activation. To get started, please Click Here <<link omitted>>

Thank you,
Mail Administrator.


September 27, 2013

Please be advised of an EMAIL SCAM that appears to be from "Rowland, Meghan" <mew09d@fsu.edu> with the subject, "RE: Faculty / Staff Webadministrator Notification !!". This phishing scam is an attempt to steal your information. Do not click on the link. Please report the email to Google as phishing, then delete it; do not respond.

This is an excellent reminder not to click on unknown or unsolicited links in email, texts, or online (such as in Facebook or Twitter). 

If you have a question or clicked on the link, please submit an IT Request ticket at https://itrequest.ucsc.edu or contact the ITS Support Center at help@ucsc.edu, 459-HELP (4357), or in-person at Kerr Hall Room 54.

General cyber security recommendations are available at: http://its.ucsc.edu/security/. Additional information about avoiding scams is available at http://its.ucsc.edu/security/stay-secure/minreq/scams.html

A sample of this email scam reads as follows. DO NOT RESPOND TO THIS EMAIL.

****************

From: "Rowland, Meghan" <mew09d@fsu.edu>
Subject: [UCSC Security] RE: Faculty / Staff Webadministrator Notification !!
Date: September 27, 2013 7:01:11 AM PDT
To: "Rowland, Meghan" <mew09d@fsu.edu>
Reply-To: mew09d@fsu.edu


Your account safety is our top priority.

Recently, we have detected some unusual activity on your account and as a result,
all email users are urged to update  their email account within 24 hours of receiving this e-mail, using the update link: ITS <<link omitted>> to confirm that your email account is up to date with the institution requirement.
Do not ignore this message to avoid termination of your webmail account.
Our apologies for any inconvenience this may have caused, but your account safety and privacy is very important to us.

Thanks for your co-operation.

Yours sincerely,

© Copyright 2013
Webmail Admin.
--


July 31, 2013

Please be advised of an EMAIL SCAM that appears to be from <rnoroyan@ucsc.edu> with the subject, "Dear Ucsc.edu Email Owner". This phishing scam is an attempt to steal your information. Do not click on the link. Please report the email to Google as phishing, then delete it; do not respond.

This is an excellent reminder not to click on unknown or unsolicited links in email, texts, or online (such as in Facebook or Twitter). 

If you have a question or clicked on the link, please submit an IT Request ticket at https://itrequest.ucsc.edu or contact the ITS Support Center at help@ucsc.edu, 459-HELP (4357), or in-person at Kerr Hall Room 54.

General cyber security recommendations are available at: http://its.ucsc.edu/security/

A sample of this email scam reads as follows. DO NOT RESPOND TO THIS EMAIL.

****************

---------- Forwarded message ----------

From: Richelle Noroyan <rnoroyan@ucsc.edu>
Date: Wed, Jul 31, 2013 at 7:00 AM
Subject: Dear Ucsc.edu Email Owner
To: 

Dear Ucsc.edu Email Owner,

This message is from Ucsc.edu messaging center to all Ucsc.edu e-mail owners. We are currently upgrading our data base and e-mail center. We are deleting all unused Ucsc.edu e-mail accounts to create more space for new ones.

To prevent your account from closing you will have to click the link below to update your account.

CONFIRM YOUR E-MAIL BELOW:

http://jkl.net84.net/sf/use/rttryt/form1.html 

Warning!!! E-mail owner who fails to update his or her e-mail within Seven days of receiving this warning will risk losing his or her e-mail account permanently.

Thanks,
Ucsc.edu Upgrade Team
Ucsc.edu BETA.


Virtually identical phishing scams were sent to campus on February 5th and 26th, 2013:

Please be advised of an EMAIL SCAM from "UCSC <helpdeskservice@vf.vc>" with the subject, "ITS Support Center". See below for a copy of this scam email. This is a phishing scam attempting to trick you into revealing your CruzID password. If you have received this or a similar email, please report it to Google as phishing, then delete it; do not respond.

As a reminder, ITS will never ask you to disclose your password or other personal information via email. You should NEVER disclose your login, password, or other personal information to anyone, even if they say they work for UCSC, ITS, or other campus organizations. If you receive an email message asking for your password, it's a SCAM! Delete the message and do not respond.

If you have a question or responded to this email, please submit an IT Request ticket at itrequest.ucsc.edu or contact the ITS Support Center at help@ucsc.edu, 459-HELP (4357), or in-person at Kerr Hall Room 54.

General cyber security recommendations are available at: http://its.ucsc.edu/security/index.html

A sample of this email scam reads as follows. DO NOT RESPOND TO THIS EMAIL.

****************

Subject: ITS Support Center
Date: Tue, 26 Feb 2013 01:15:08 GMT
From: UCSC <helpdeskservices@vf.vc>
Reply-To: UCSC <helpdeskservices@vf.vc>
To: (Recipient List Suppressed)


Dear UCSC- Webmail Subscriber,

We are currently carrying out maintenance and upgrade of our UCSC Web service and as a result of this;our E-mail client has been changed and your original password will be reset. please provide us your CruzID:(******) Password(******) for reactivation.

Thanks for using UCSC University Web services

University of California Santa Cruz, 1156 High Street, Santa Cruz, CA 95064
© 2013 The Regents of the University of California. All Rights Reserved.