Recently, there has been an increase in UCSB students receiving SMS/Text messages impersonating UCSB’s “Information Security & Operations Team.” These text messages are not legitimate.
 

What to look out for:

Cybercriminals are sending messages to students claiming their accounts are at risk of termination. They will ask you to confirm whether you have requested termination of your current school account and to respond.

When responding with a yes, they will prompt you to provide a code or send you a code to enter into your Duo Mobile app. If you provide or enter a code, your account will be compromised and used to send mass fraudulent messages to other UCSB students.

It is imperative that you do not provide or enter any codes and that you immediately stop the conversation.
 

Example of threat text sent to a student:

an example of a suspicious text message reading "Hello This is from the Information & Security Operations team at University of California, Santa Barbara. Could you please confirm if you have requested the termination of your current school email? Kindly reply Yes/No"


How to Stay Safe

  • Ignore and delete suspicious messages and links. Refer to UCSB’s own websites rather than the links that were sent to you.

  • Block the sender on your device.

  • Never continue a conversation you didn’t start, especially when receiving emails or text messages. If you did not call, email, or text them, it's likely a scam.  As a reminder, UCSB IT staff will never initiate communication or send a verification code over SMS. 

  • Report incidents.  If you receive an SMS/text message or email you believe to be fraudulent, forward a screenshot or the original message to security@ucsb.edu .

  • Duo/MFA passcodes are never meant to be shared. Only enter verification codes into your Duo Mobile app from a login window you have initiated -- never from any other source like an SMS message, phone call, or email.  If anyone asks for a code or provides you with a code to enter into your Duo Mobile app, that person is trying to fraudulently gain access to your account.

  • Change your UCSB account password if you receive a text message like this; it usually indicates that your credentials are already compromised. https://www.identity.ucsb.edu/ucsbnetid/password

  • Know the process. UCSB will never send an email about your account being deactivated, terminated, or your access being removed without a clear & established process in place in advance.
    https://www.connect.ucsb.edu/accounts/account-eligibility
     

Reporting Incidents

If you have any other questions, please do not hesitate to contact the Student Help Desk at https://it.ucsb.edu/student-services/help-desk.