Watch out for financial "spear phishing" emails.
These may look like they come from a supervisor or manager and request that you send funds, transfer money, provide banking information, buy gift cards, or provide something of value to the sender.
These may look like they come from a supervisor or manager and request that you send funds, transfer money, provide banking information, buy gift cards, or provide something of value to the sender.
Because then you will get those fun and cheerful security notices! Yay!
Seriously, ISO monitors all campus IP address space. When we find a problem we notify the Security Contact that claims the subnet so they can fix the problem. If we cannot contact anyone, and the problem is serious, we will block the IP Address. Now you have to troubleshoot a connectivity issue without knowing the underlying reason and you still have a serious security issue.
UC has learned that names, Social Security numbers, and other personal information of some members of the UC community may have been used in attempts to open unauthorized bank accounts at financial institutions such as Chime and Go2Bank. Some of these UC community members are receiving emails from these institutions asking them to confirm a new account by clicking on a link in the email. It is unclear how personal information was obtained to open unauthorized accounts.
Between the COVID-19 pandemic and high unemployment rates, the pressure to find a job may create more pressure for you to find work quickly. UC Berkeley has received numerous reports of employment scams where the sender impersonates Berkeley professors, researchers, and/or university departments. Some scams are easy to spot but how do you know who to trust?
The UC Office of the President has notified us that UC employees received an email yesterday from WEX Health (formerly Discovery Benefits) alerting them to a change in the profile information in their online WEX account. You do not need to respond to their message. This change was made in error and is being corrected. Please note that the error is not the result of a security breach and UC employee data has not been compromised.
"I have a really great passphrase, it's long and easy to remember, so I use it on all my accounts."
Sound familiar? Why is it so hard for us to abandon this idea that reusing passphrases is a bad idea? Well, we're humans and humans tend to rationalize to confirm our decisions. "What are the chances that someone will get my password and compromise my account, I mean, will that really happen to me?" Well, it turns out it does - and more frequently that you might imagine.
Updated May 11, 2021:
UCOP Notice to UC Community: https://ucnet.universityofcalifornia.edu/data-security/index.html
Updated Apr. 15, 2021:
Mar. 31st - The Internal Revenue Service issued a warning of an ongoing IRS-impersonation scam that appears to primarily target educational institutions, including students and staff who have ".edu" email addresses. The phishing emails appear to target university and college students from both public and private, profit and non-profit institutions.
The fraudulent email displays the IRS logo and uses various subject lines such as "Tax Refund Payment" or "Recalculation of your tax refund payment." It asks people to click a link and submit a form to claim their refund.