Campus officials call for caution as scammers target students and staff
By JESSICA YUNG — campus@theaggie.org
Phishing and scam emails have been impacting the UC Davis community this year. Valid UC Davis accounts are at risk of being hacked using stolen log-in credentials, to in turn send phishing emails to other members of the UC Davis community.
A phishing scam is an attempt to steal personal information using email or a website, according to the UC Davis Knowledge Base.
“‘Phishing’ (pronounced ‘fishing’) refers to a form of fraud that attempts to acquire sensitive information,” the website reads.
Phishing attacks can take many forms, including requests for replies to a message or suspicious links. Some hackers impersonate real UC Davis faculty and staff members in an attempt to gather student information, on the premise of a research or job opportunity.
An email to UC Davis students and staff sent by UC Davis Information and Educational Technology (IET) on May 15 detailed the attacks facing the campus community.
“Phishing scams are on the rise at UC Davis and other higher educational institutions,” the email reads. “Scammers are impersonating legitimate and trusted sources, such as UCPath, Canvas, and other [University of California] Systems. They are targeting students, faculty, and staff with fake emails, text messages, phone calls, and social media messages to try and obtain passwords, Duo codes, or other sensitive information. Do not respond!”
UC Davis will never ask for passwords or other sensitive information via email or text message, according to IET.
UC Davis Vice Chancellor for Student Affairs Pablo Reguerín, in an email sent to the student body, also warned of these attacks and urged vigilance.
“Dozens of community members across the UC system have already fallen for the scam, including at UC Davis (campus and health),” Reguerín said. “Although no money was diverted in these recent scams, thanks to excellent cyber protection provided by UC Path [UC’s employee portal], we need to stay vigilant and protect ourselves.”
Many students have been impacted by these emails, including Tyson Rendon, a fourth-year economics major.
“The email was a confirmation-type email that said my UC Davis email address would be deleted by the end of the day unless I took immediate action,” Rendon said. “It presented a link to another website or an email address, and it seemed like they were just trying to get my UC Davis login credentials. My reaction, at first, was very frightened, because I thought that somehow I would make a mistake that would delete my email.”
When campus community members receive a suspicious phishing email, they are encouraged to report the activity to cybersecurity@ucdavis.edu.
Rendon noted that the scam emails use websites and links that look familiar to official UC Davis websites.
“There can be scammers who will replicate that very, very closely and maybe just change one letter of the address of UC Davis and it’ll seem very accurate,” Rendon said. “You just have to keep an eye out for that.”
A UC Davis IET post, originally from late 2024, noted that replying to and clicking phishing links can be very dangerous.
“Do not respond to any suspicious emails, click any links, or download any attachments,” the website states. “In doing so, you may put your identity and the university’s information and systems at risk.”
Written by: Jessica Yung — @campus@theaggie.org
