The campus’s chief information security officer, Cheryl Washington, sent a warning Tuesday (Dec. 20) to the campus community about recent phishing attacks, one that involves a job scam and the other coming in the form of a Duo push or call, asking you to authorize entry to a campus service, when, in fact, you did not initiate a push or call.
In the job scam message, Washington said, the recipient is asked to click on a link to provide their password. “Please note, 51ԹϺ Davis NEVER requests that a password is provided or updated in an email,” she said. “If you receive an email requesting your password, consider it a scam and forward the email to cybersecurity@ucdavis.edu.”
In the case of the Duo scam, your password may have been hacked, and the hacker uses it to send a push or initiate a call asking you to authorize a login to a campus service. So, unless you specifically asked for a push or a call, do not authorize the login. “Your password has likely been compromised,” Washington said, “and we recommend that you change your passphrase immediately.”
If you believe your account has been compromised or that you are a victim of the recent phishing scams, please reach out to cybersecurity@ucdavis.edu. You can also contact IT Express by phone, 530-754-4357, or email, 7 a.m.-6 p.m. weekdays.
Media Resources
Dateline Staff: Dave Jones, editor, 530-752-6556, dateline@ucdavis.edu; Cody Kitaura, News and Media Relations specialist, 530-752-1932, kitaura@ucdavis.edu.