Skip to content

Information Security Awareness

Technology alone can't always protect our computers and information. Awareness of information security issues and best practices is an important tool to help you protect yourself, your family, and the UC community.


Protect Yourself from Tax ScamsImage of tax forms

January 2018

Tax season is coming and scammers soon will be sending fraudulent e-mail messages that look like legitimate tax communications. Don’t become another victim. The IRS estimates that identity thieves have already stolen more than $11 billion through tax fraud since 2012. Be on alert for the following... [More... See the full article]

Image of a fish and fish hookPhishing Awareness Toolkit

March 2018

"Grab-and-go" Toolkit: The items below are intended to be quick and easy to use or customize (e.g. substituting a local URL and/or logo for the systemwide one provided). Additional materials are available on a separate, expanded page.

For editable files beyond what is available here, please contact your Systemwide Information Security Awareness Workgroup rep(s), listed to the left. If your location isn't listed, please email BOTH Julie Goldstein AND Kamika Hughes at and

| Article | Posters | Videos | Quiz | Informational Web Pages | Newsletter | Social Media Posts | Webinar |

Article: "Don't Let a Phishing Scam Reel You In".
Cybercriminals use phishing—a type of social engineering—to manipulate people into doing what they want. Students, staff, and faculty have all suffered losses from phishing. Knowing what you're up against can help you be more secure. Here are a few things you can do to guard against phishing attacks... [More... See the full article]

Click on thumbnail for full size flyer. Note: Shark-and-penguin "Grab-and'go" posters have a customizable footer only. More flexible versions are available but require additional time/effort to customize.

Flyer: Always check before you click! Flyer: Hello? Who's Calling? Protect yourself from phone phishing. Flyer: How to spot a phishing email

*Best for online or presentation use.
Text may be small/dense for use as
a stand-alone flyer.

Videos: (all closed captioned)

  • Phishing/General Protection (STOP. THINK. CONNECT.) (1:16 min)
    Some good tips that aren’t included in other videos, like how easy it is to replicate an organization's image/logo. Short and easy to follow.
  • RBC Cyber Security - No Phishing! (Royal Bank of Canada) (2:15 min)
    Humorous, well done video. A take on Norse mythology and gaming. Friends helping friends recognize what to do. Mentions the ‘s’ in https and how criminals are getting good at faking it. Highlights two common phishes.
  • Protect Yourself from Phishing Attacks (UCSB) (0:55 sec)
    Mirrors the main points from the above article.

OpenDNS Phishing Quiz. Nice phishing quiz with examples of safe vs. phishy URLs.

Informational Web Pages:

SANS OUCH Newsletter on social engineering (from Jan 2017 but still "current")

Social Media Posts:

  • Never email confidential information to anyone. #Phishing
  • Hover to discover: Mouse over links in email to reveal their true URL. Avoid getting phished—no hook for you! #Phishing #CyberAware
  • “Verify your account by midnight or it will turn into a pumpkin!” Get a message urging you to take action? Delete it! #Phishing #CyberAware
  • Receive a suspicious email from a friend or colleague? Call them to ask if they really sent it. #Phishing #CyberAware

Too Legit to Quit: How to Avoid Making Legitimate Campus Messages Look Phishy - An Educause/HEISC Webinar.
Speakers: Petr Brym (UC Davis), Patricia Clay (DeSales University), and Ed Hudson (CSU, Office of the Chancellor)
(Live webinar event recorded on February 21, 2018.)

(end of Phishing Awareness Toolkit)

Three tips to protect yourself from the unexpected

October 2017

You’ve read the headlines. Organizations big and small, including even large retailers and mega companies, are not immune to data breaches and hackers’ increasingly sophisticated schemes.

....To keep your information and the university’s safe, incorporate good cybersecurity habits into your daily routine.

Sometimes, though, you can do everything right and still fall victim. For example, numerous data breaches at well-known companies have affected millions due to no fault of the people impacted. In addition, natural disasters are often followed by a wave of scams, such as phony donation websites.

Practice these three tips to protect yourself from the unexpected...

[More... See the full article]

Cybersecurity: Make It a Habit!

Good habits are the foundation of cybersecurity just like they are for safety and security in the physical world -- like locking your front door or wearing your seat belt in the car.

Here are eight important cybersecurity habits to incorporate into your online life. Try to make these habits automatic. They will help protect your information, your family and your work. They'll also reduce your risk of getting scammed!

  1. Always think twice before clicking on links or opening attachments.
  2. Verify requests for private information (yours or anyone’s), even if the request seems to come from someone you know.
  3. Protect your passwords.
  4. Protect your stuff! Lock it up or take it with you before you leave.
  5. Keep a clean machine! Keep your devices, apps, browsers, and anti-virus/anti-malware software patched and up to date.
  6. Back up critical files.
  7. Delete sensitive information when you are done with it.
  8. If it’s suspicious, report it!

[More... See the full article]


July 2017

There has been a lot in the news about ransomware lately. Recent ransomware attacks have caused high-profile business shut downs, including the San Francisco Municipal Transportation Agency’s ticketing system, Hollywood Presbyterian Medical Center, and the University of Calgary, just to name a few.

Ransomware is the fastest growing malware threat, targeting users of all types—from the home user to the corporate network. This article provides some background on what Ransomware is and how to protect yourself.

[More... See the full article]

SANS OUCH Monthly Security Awareness Newsletters

"Each issue focuses on and explains a specific topic and actionable steps people can take to protect themselves, their family and their organization."

SANS Security Awareness Tip of the Day

Each day SANS posts a new tip that focuses on and explains a specific topic and actionable steps people can take to protect themselves, their family and their organization. In addition, each tip is linked to an OUCH! newsletter so you can learn more about the topic, in over 20 languages.

Article Archive

Copyright © Regents of the University of California | Terms of use