UC Davis scam graphic

Protect Yourself From Phishing Scams: Hackers Target Duo, Text, and Email

Phishing scams are on the rise at UC Davis and other higher educational institutions. Scammers are impersonating legitimate and trusted sources, such as UCPath, Canvas, and other UC Systems. They are targeting students, faculty, and staff with fake emails, text messages, phone calls, and social media messages to try and obtain passwords, Duo codes, or other sensitive information. 

Do not respond! UC Davis will never ask for your passwords or other sensitive information via email or text message.

Protect Yourself From Phishing Scams

  1. Verify identities before sharing personal information. Always contact the institution to confirm the request.
  2. Never provide your information in response to an email or text message you do not recognize.
  3. Do not click suspicious links, download attachments, or enter your password or Duo code on an untrusted website or form.
  4. Do not approve Duo push notifications you didn't initiate.
  5. Watch for fake login screens designed to steal your information.

Beware: Fraudulent Duo Push Notifications

If you receive a Duo push notification that you did not initiate, someone is attempting to fraudulently access your account.

  1. Deny the Duo prompt.
  2. Report suspicious activity via the Duo application, if prompted.
  3. Report the activity to cybersecurity@ucdavis.edu.
  4. Reset your UC Davis passphrase.

Beware: Fake UC Davis Login Screens

Hackers may create fake login screens with the same look-and-feel as UC Davis websites. If you entered your information on an untrusted form or website:

Learn more about how you can protect yourself against phishing scams.