Skip to Main Content

Recent Phishing Emails Targeted UC Employee Paychecks

blue color box

A recent UCOP statement informed the community about recent phishing emails:


Over the past several months, several UC employees have been victims of phishing emails, which allowed attackers to gain unauthorized access to UCPath accounts and paycheck information. During some of these incidents, employees’ direct deposit information was changed, redirecting paychecks to bank accounts controlled by the attackers. In all instances, staff ultimately received their pay.

These attacks are successful because they are typically very sophisticated, and use language and imagery that resembles the sites you’re used to. (Check out these examples from UC Berkeley.) That’s why it’s so important to remain alert.

Protect Yourself

  • Be alert to phishing:
    • Do not click links or download documents in emails that you are not expecting.
    • Never complete unsolicited forms that request personal or financial information.
    • If you receive an email regarding an account, be sure to review the email address that the message comes from and check the URL of the site you are being directed to. If the email or URL seems suspicious or atypical, contact the sender using known contact information to determine if any action is needed (e.g. for UCPath, use the “Ask UCPath Center” form or call 855-982-7284).
    • Report any suspicious messages using the Report Message button in Outlook.
    • If you opened an attachment or shared your credentials from a phishing message, submit an incident report to https://ucop.edu/cyber-report.
  • Add a personal email to your UCPath account. This will make it easier for UCPath to reach you if there is unusual activity in your account.
  • Don’t use the passwords you use for UC accounts outside of work (e.g. for personal email or other non-UC websites).
  • Periodically verify your direct deposit information.
  • Activate Experian identity theft monitoring.

 

For additional questions or concerns regarding the security of your UC accounts, check out our information security FAQs and review this article. You can also email cybersecurity@ucop.edu.