UC San Diego SearchMenu

Security Announcements & Alerts

Read the latest information announcements and alerts from the IT Services Security team.

Warning! If you receive the message below, do NOT click the link!

February 28, 2018

Screenshot of phishing email

Phishing message spoofing UC Cybersecurity Awareness Training notice

We are seeing the above message make the rounds on campus. It uses the same font and some of the same verbiage from the legitimate UC Learning notice, but it is not legitimate. These are phishing messages coming from the email accounts of compromised campus individuals in an attempt to compromise additional campus accounts.

While the message claims a valid campus department connection, UC San Diego's ITS Service Desk is not involved with the systemwide UC Cybersecurity Awareness Training process. Here are other clues that this is a phishing message:

  • A bogus recipient -- "inf@uc_.edu" rather than your campus email address
  • "Dear ACCOUNT USER" -- the UC training notice specifies your name
  • "UPDATE ACCOUNT" -- the link goes to a non-campus domain
  • "This course will take approximately 2 minutes to complete." -- the full training is 60 minutes, the refresher is 35

Think you can spot a phishing email when you see one? Sign up for the faux phishing campaign being run by IT Services Security. Note: you must log in to your campus G Suite account to access this Google Form.

Cybersecurity announcements

Note: this page has a friendly link that's easy to remember: http://blink.ucsd.edu/go/securityinfo