Phishing

Phishing emails are an attempt by thieves to lure you into divulging personal and financial information, for their profit. They pretend to be from well-known legitimate businesses, and increasingly look as if they actually are. They use clever techniques to induce a sense of urgency on your part so that you don't stop to think about whether they are legitimate or not. You can learn what to look for and where to report these scams when you find them.

Spear phishing emails are a special type of phishing email targeted to a select group of users. These emails tend to be more specific than a regular phishing email, including information more detailed and familiar to the recipient. As with standard phishing emails, these messages often include a request for personal information and a notification of account suspension or closure for failing to reply.

If you suspect that you have received a phishing email, do not respond to it or click on the links. Report it to security@uci.edu and then delete it.

6 Ways to Recognize Phishing


  1. Generic greeting
    For example, "Dear customer" instead of using your name.
  2. Sense of urgency
    May include an urgent warning requiring your immediate action.
  3. Account status threat
    May include a warning that your account will be shut down unless you reply.
  4. Forged email address
    The sender's email address may be forged, even if it looks legitimate.
  5. Forged links to Web sites
    There is often a link to a web site to "fix" your account. These are often forged.
  6. Requests for personal information
    Asking for login and password information, either in the email or from the link.

Remember, NEVER respond to an email message requesting personal information. Reputable organizations will never ask you to send your login or private information to them via email. You should always be wary of unexpected messages requesting personal information. If you are unsure whether an email message about your account is a phishing email or not, call the organization directly to determine the status of your account.

What can I Do?


My Account Activity

Reviewing your account activity is one of the best ways to find abuse.  For UCI accounts, this tool allows you to check your own account activity for problems.  While at your request our security analysts can review account activity, you are the best judge of potential misuse of your account: https://security.uci.edu/my-account-activity.html

Opt-In Multi Factor Authentication

A better protection is to use "multi-factor authentication" (MFA), also known as "two step verification", requiring anyone trying to get into your account to not only know what your password is, but also have physical access to something you own, such as a mobile phone or token.

Faculty and staff can "opt-in" to enforce Duo multi-factor authentication (MFA) on UCI WebAuth and/or Office 365 logins.

http://www.oit.uci.edu/help/duo/webauth-duo/

http://www.oit.uci.edu/help/duo/office-365-duo/

Do you use UCI G Suite? Google offers their own solution: https://www.google.com/landing/2step/

Fraudulent URL Training

It is good practice to never click on a link but copy and paste it (this message, included!). You can also take this opportunity to quickly look at the link and make sure it looks legitimate. Because determining if a link is fake is not always easy, the OIT Security team now offers an interactive training game to help you learn.

UCI Learning Center Website: http://uclc.uci.edu/ - Course: Phishing Awareness – Identifying Fraudulent URLs