UC San Diego will never ask for any of the following information:
- Verify your account information or ask for your password
- Confirm your address
- Confirm personal information (except UC San Diego affiliation) such as age, social security number, or home address.
The signature of the email will always include a legitimate UC San Diego department name. However, this alone should not be used to determine if an email from UC San Diego.
If you still suspect the message, you may check the campus archive here to see the recent official messages sent by UC San Diego and see if the message you received is listed. If the message is listed here, you can be assured it is a valid email.
Here is the recent official password change notice from UC San Diego.
Commonly, phishers put a link in their emails that looks valid but actually goes to a fake or copycat site. By hovering your mouse over the link in the email (but not actually clicking on the link).
As with spam, your email address may have been obtained from a compromised computer, an online directory, a publication, etc.
Don't follow links to a webpage. Instead, check the company's website by typing the URL in your browser or call the company directly.
Don't fill out any emailed forms that ask for personal or financial information.
Delete the message.
IT Services continuously monitors for phishing emails and takes action whenever the message source can be reliably determined. Unfortunately, it is not possible to completely eliminate phishing scams, as the attacks are coming from so many different sources.
If you believe you have a phishing email, report it to email@example.com.