Latest phishing outbreak underscores importance of knowing how to spot the scams

A new rash of phishing attacks against campus email accounts shows why people need to know how to identify and avoid the scams.

In the past week, countless people with UC Davis email accounts have received email messages that pretend to come from senders like the "MyUCDAVIS Technical Team" or "Ucdavis Support." The messages urge recipients to go to a website and enter their user name and password.

These sham messages, like others over the years, are trying to steal access to your campus account. If you receive one of these messages, delete it without responding.

If you went to one of the scam sites and entered your information, you need to change your campus passphrase and challenge questions immediately. To change your passphrase, go to Call the IT Express Computing Services Help Desk at 530-754-HELP (4357) if you need help.

Scammers use credentials stolen through phishing to send massive amounts of spam from the compromised accounts. The deluge often causes companies to block all email from UC Davis accounts until the problem is fixed. Filters and security measures block most phishing attempts, but scammers constantly change their methods and some phishing attempts inevitably get through.

Phishing scams typically ask you to send or "confirm" sensitive information like a login ID, passphrase, or account numbers. The messages often threaten to close or restrict your account if you don't respond.

UC Davis will never ask you to disclose your passphrase via email or telephone. If you ever doubt the authenticity of a message that claims to come from UC Davis, call IT Express for guidance. Read more about how to identify phishing at Information and Educational Technology's anti-phishing website.