Nearly 300,000 students started classes at the University of California last month. The new school year is an exciting time for students, faculty, and staff, but it’s also a busy time for hackers, identity thieves, and other exploitative types who take advantage of people during this busy time of year.

Watch out for common scams that occur at the start of the academic year:

  • Emails claiming to contain “important information about your UC account” or a “problem with your registration.”
  • Scams specifically designed to cheat students out of money, such as scholarship scams, fake tuition payment processors, textbook rental or book-buying scams, tutoring scams, and gift card scams.
  • “Tech support” scams, where a caller claims to be campus ResNet, the IT Service Desk, or even Microsoft or Apple, and tells you that there’s a problem with your computer.
  • IRS impersonators demanding that students or their parents wire money immediately to pay a fake "federal student tax."
  • Messages that ask for your login information, no matter how legitimate they may look. No one other than you needs to know your passwords.
  • Rental scams that offer fake rental properties to students and members of the community. They typically advertise attractive properties at unrealistically low prices, and are unable to show the property or meet in person.
  • Job fraud, where fake employers trick students with easy, high-paying job offers, like a “personal assistant” role or other part-time, work-from-home jobs. The offers are often unsolicited and ask for personal information or money upfront. 

Tips to stay safe:

The best way to avoid scams is to approach all unexpected messages, offers, and phone calls with healthy skepticism. Helpful habits include:

  1. Always think twice before clicking on links or opening attachments, even if they look like they are from someone you know. If you are not sure, contact the sender by a method you know is legitimate to confirm they sent it.
  2. If you receive a request for personal information, always verify that it is legitimate. Remember, scammers know how to pose as common organizations and institutions or individuals you may know.
  3. Protect your passwords. Make them long and strong, never reveal them to anyone, and use different passwords for different accounts. Also, use multi-factor authentication (MFA) where possible. UCSB has joined other UC campuses in implementing MFA to help the campus community guard itself against cybercrime. More information can be found here.

If you believe you've received a phishing message, submit an incident report to Information Technology Services. Follow @UCSBInfoSec on Instagram, X, and LinkedIn, where you can find the most up-to-date information and cybersecurity guidance throughout the school year.

Thank you for your attention to these important cybersecurity reminders. We hope you stay cyber safe!