Skip to main content
University of California San Francisco Give to UCSF

UCSF IT Technology

Main navigation

  • Status
    • Security Announcements
  • Services
    • Projects
  • How To
  • News & Events
  • About Us
  • Log In
Open Close Search
Open menu
Give to UCSF

Breadcrumb

  1. Home
  2. How To
  3. Protect UCSF and Myself From Phishing and Other Similar Scams

This content is viewable by Everyone

Protect UCSF and Myself from Phishing and Other Similar Scams

Save

Log in via MyAccess to save.

  • Audience: Technical Partner
  • Service Category: Security
  • Owner Team: IT Security
  • Service:
    IT Security Outreach and Training

See the Red Flags from The latest UCSF Phishing Campaign 

Information you need to know

WHAT YOU SHOULD DO IF YOU RECEIVE A RANDOM EMAIL OR CALL THAT ASKS FOR YOUR PRIVATE INFORMATION:

  • Within UCSF email, click on the Phish Alarm   Button to report it.
  • Do not reply to or click on the link in the message.
  • If it's a phone message, hang up.

Instead, if you believe the sender or caller to be a legitimate organization, open a new internet browser session and type in the company’s correct web address yourself.

If you're concerned about your account, contact the organization mentioned in the email or call, using a telephone number you know to be genuine.

  • Be wary of telephone numbers listed in emails.

Some scammers send an email or make a call that appears to be from a legitimate business and ask you to call a phone number to update your account or access a “refund.” Because they use Voice Over Internet Protocol (VOIP) technology, if you call back, the area code you call does not reflect where the scammers really are. 

  • Validate the caller or sender. 

If you need to reach an organization you do business with, call the number on your financial statements, the back of your credit card, or other official document.

  • Don’t provide other peoples' personal or financial information without an approved business purpose and their consent.

Various laws and regulations mandate the protection of personal and financial data. These laws require organizations to obtain consent and have a legitimate purpose for data processing and sharing.

  • Validate websites.

If you initiate a transaction and want to provide your personal or financial information through an organization’s website, look for indicators that the site is secure, such as a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”). Unfortunately, no indicator is foolproof; some phishers have forged security icons. Validate the URL for the site.

  • Review credit card and bank account statements as soon as you receive them.

Check for unauthorized charges. If your statement is late by more than a couple of days, call your credit card company or bank to confirm your billing address and account balances.

  • Be cautious about opening any attachment or downloading any files from emails you receive, regardless of who sent them.

These files can contain viruses or other software that can weaken your computer’s security.

  • Be careful what information you publicize.

Attackers may be able to piece together information from a variety of sources. Avoid posting personal data in public forums.

  • Use and maintain anti-virus software and a firewall. 

Protect yourself against viruses and Trojan horses that may steal or modify the data on your own computer and leave you vulnerable. Make sure to keep your virus definitions up to date.

Additional important information

  • If you believe you have received a phishing message, but have NOT clicked the link or opened the attachment, report it by clicking on the Phish Alarm  button within your UCSF email.
  • If you DID click on a link and download software, turn off your computer and contact the IT Service Desk immediately.
  • If you clicked on a link and provided your credentials, change your password immediately and contact the IT Service Desk.

UCSF IT Service Desk

MAIN: 415-514-4100

APeX: 415-514-APEX

http://help.ucsf.edu/

Fast, Efficient Solutions

UCSF-wide Phishing Campaigns - Phish Indicators (Red Flags)

Below are pictures of the most recent mock phish. If something is at all strange, report it via Phish Alarm. It will analyze it and get back to you in minutes.  Over-reporting is not an issue. It is always better to be safe than sorry!

April 2025 DocuSign Message

DocuSign Mock Phish Indicators

March 2025 Zelle Message

Zelle Mock Phish with inidcators

March 2025 Scholarship Message

Scholarship Mock Phish Inidcators

December 2024 USPS Message

USPS Mock Phish Indicators

December 2024 Amazon Message

Amazon Mock Phish Indicators

September 2024 Zoom Message

Zoom mock phish indicators

September 2024 Message in Teams

Teams Mock Phish Red Flags

May 2024 Free Netflix Mock Phish to all of UCSF

Netflix Mock Phish Indicators

April 2024 QR Phish to all of UCSF

Phish Indicators on QR Code Phish

March 2024 Phish to all of UCSF

1st Quarter 2024 Phish to Everyone - Red Flags

December 2023 Retest Phish

4th Quarter 2023 Mock Phish Retest

 

December 2023 Phish to all of UCSF

Amazon Phish Red Flags

October 2023 Mock Phish to all IT Employees

Phish Indicators

October 2023 Retest Mock Phish to IT Employees

Phish Indicators

 

August 2023 Mock Phish to all of UCSF

Phis red flags for Chrome Update Mock Phish

Related Information

  • Avoid Being Phished - Quick Tips
  • “Report Phish” button is now available
  • COVID-19 Vaccine Phishing Attempts

Related News

  • Use Phish Alarm to Report Suspicious Emails and Contact the IT Service Desk or UCSF Police for Other Security Incidents
    Esther Silver/Friday, April 18, 2025
  • Ransomware Attacks Continue to Surge
    Esther Silver/Wednesday, August 21, 2024
  • Beware of Cyber Scams as the School Year Kicks Off
    Esther Silver/Monday, July 15, 2024
  • Avoid the “Dirty Dozen” Tax Scams!
    Esther Silver/Thursday, January 4, 2024
  • See the Latest Phishing Scams and Know What To Do!
    Esther Silver/Thursday, December 8, 2022
Section Menu
IT Security Outreach and Training
  • Information Security Is Everyone's Responsibility
  • IT Security Awareness - Stay Sharp to Stay Safe
  • IT Security and Awareness Champion Program: Overview
  • View IT Security Awareness Videos
  • Request IT Security Awareness Posters
  • IT Security Orientations and Education
  • IT Security Educational Meetings and Webinars
  • Advanced IT Security Training on the UCSF Learning Management System
Home

Footer Col 1

  • Status
  • Services
  • How To
  • News & Events

Footer Col 2

  • About
  • IT Directory
  • Standards & Guidelines

Footer Col 3

  • Get Help
  • Recognize IT Staff
  • Submit a Support Inquiry

    For emergencies and high priority issues please call the IT Service Desk (415) 514-4100

    • Facebook
    • Twitter
    • YouTube
    • Instagram

    © 2025 The Regents of the University of California