Select Page

Latest Phishing Scams

**** Multiple emails have been posted to avoid confusion.  Each example has been separated by ### ****

########################################################################################
Subject: Fw: UCLA POLICE DEPARTMENT
Date: Wed, 30 Aug 2017 14:43:54 -0700 (9 mins ago)
Sent: Wednesday, August 30, 2017 14:40
Subject: UCLA POLICE DEPARTMENT
 

There is a police Situation on campus, We Encourage everyone to read and follow protocol.

This message is sent Via Secured HTML Protocol Click Here to View.

Click Here <www.team.com.cn/final>

Police Stations
601 Westwood PlazaLos Angeles, CA 90095-1364
Office: (M-F 8am-5pm)
(excluding holidays)
*** The above link takes you to a page titled “Webmail” asking for your username, email address and password ***
########################################################################################
-------- Forwarded Message --------
Subject: 	Validate Your Email Account....To Avoid closed down
Date: 	Mon, 17 Jul 2017 19:04:07 +0100
From: 	UC Los Angeles <ncl33@drexel.edu>
To: 	lili@seas.ucla.edu

*Dear <user>@seas.ucla.edu,*

This is to notify all Students and Staffs of UCLA we are validating 
active accounts.

Kindly confirm that your account is still in use by clicking the 
validation link below:

Validate Email Account
<http://www.key2web.be/gppev2/default/blog/main.htm>

Sincerely,

IT Services Help Desk
Office of Information Technology
The University of California, Los Angeles
########################################################################################

 

2016/12/06 URGENT NOTICE FROM CAMPUS REGARDING RANSOMWARE:

The email appears to come from office@”department”.ucla.edu where “department” is the name of the unit to which the phishing message is directed.   The subject of the email is “Scanned image from MX2310U@department.ucla.edu” with the unit name similarly substituted.

If you receive this email, do not open any attachments and immediately delete the message. Note that a sample of this email is shown below:

phishing_scam

Email sent to HSSEAS addresses with .zip attachments will not be delivered. Instead the user will receive an email saying that the message has been blocked along with instructions about what to do if you were expecting an email message with an attachment.

#############################################################

EMAIL ISSUED BY CAMPUS to Warn of Phishing Being sent:

To the Campus Community:
Be advised there is a Phishing email message being sent throughout UCLA claiming to be from Bruin Alert
and asking you to log-in to confirm your credentials. If you receive the message, please take no action and
immediately delete it.
FYI, the message has a couple of telltale signs to look for when trying to determine the validity of a questionable email:
1.
The email address of the sender is not actually the same as the name of the sender (in this case, it isn’t even a ucla.edu email address).
2.
Very poor grammar and spelling.
A copy of the message is below for your reference. Please feel free to reach out to me with any questions or concerns.
Sincerely,
Michael Story
Interim Chief Information Security Officer
Information Technology Services
——– Original message ——–
From: UCLA Bruin ALert ‹
Date: 6/18/16 5:40 PM (GMT-08:00)
To:
Subject: UCLA Bruin Alert
Dear user;
Because of the recent shooting in school, the school authority has upgraded the email portal of every students and staffs of the school.
You are advice to log-on here to confirm if your login credentials in other to allow the recent upgrade on your device.
The upgrade is been done to beef up our security network technologically.
Regards,
The UCLA Bruin Alert
###################################################################