October is Cyber Security Awareness Month!

Each and every one of us needs to do our part to make sure that our online lives are kept safe and secure. That's what Cybersecurity Awareness Month - observed in October - is all about!

This year's theme is Do Your Part, #Be Cyber Smart. Here are ways to protect you against phishing scams.

What is Phishing?

Phishing is a type of social engineering used by hackers to trick you into giving them money, information (such as personal information or login credentials), or compromising devices using malware. This scam is delivered via emails with malicious links or attachments, pop-ups, posts on social media, text messages, and phone calls. Learn more about Avoiding Phishing Emails.

What is UCSC doing?

ITS hosts an organized yearly campaign that sends out mock phishing emails to UCSC staff and faculty. This campaign is designed to educate and remind individuals to be vigilant. 

We also work to teach our campus community how to train their own individual spam filter. To learn more visit, “How to report phishing (to Google)” below.

What to do if You Receive a Phishing Email

How to report phishing (to Google)

If you think you have discovered a Phishing scam in your Inbox, report it to Google.

Train your spam filter:

• Open the message in Gmail (in your web browser)
• Click the three vertical dots ' ⋮ ' next to reply
• Choose 'Report phishing'

OR

• Open the message in Gmail (in your web browser)
• Click the octagon with an exclamation mark ( ) in it located between the archive and trash buttons

The email won’t get deleted but google will move it to the spam folder.

If you receive a threatening phishing email, report it to the Police Department.

For suspicious emails that land in your spam folder, don’t open, forward, or reply to them. Leave them alone. If it is in your spam folder you do not need to report it.

What to do if You Respond with Your Personal Information

Report the incident to ITS Support Center

Choose actions based on the information you revealed and how that information can be used:

Your CruzID Password

• Immediately change your password. If you use this password on other accounts, change those to new unique passwords now. See how to change your CruzID password.
• Report the phishing attempt.
  • Check if the attempt has already been reported.
  • If not reported, report the phishing attempt.

Your Bank or Credit Card Account Number, Password or PIN

• Call the bank’s hotline, usually printed on the back of your bank card, and report the incident.
• If you have transferred money to a phisher, report  the incident to your  local police.
• Inspect your statements carefully for signs of account misuse.
• Determine if you want to put a lock on your credit records. This will keep anyone from opening a new account.
• Go to your bank’s online website and look for information about fraud, phishing or identity theft.  Find out what your bank expects you to do.
• If you have provided banking information, contact your financial institution.
• Change any passwords you may have revealed.

Your Social Security Number

• Put a lock on all four of your credit reports (,Equifax,Experian, and Innovis) to block the creation of any new credit card accounts.

• Review the recommendations from the Social Security Administration about identity theft and your Social Security Number.

Notify the Federal Trade Commission (FTC) that you have been phished. 

The FTC is the nation's consumer protection agency. The FTC's Bureau of Consumer Protection works for the consumer to prevent fraud, deception and unfair business practices in the marketplace.

Follow the advice listed here: https://www.identitytheft.gov/