Please be aware that some employees of UCR are being targeted by an email-based attack referred to as a Business Email Compromise (BEC). The scammer sends an email appearing to come from another UCR employee, often a supervisor, who is requesting gift cards such as iTunes or eBay gift cards, along with other unusual requests such as insisting a vendor be paid outside of the normal reimbursement process. In addition, the sender will frequently indicate they are in a meeting and cannot be contacted by phone.
In the event you receive such an email, consider the following tips:
- Use Forward instead of Reply: Instead of hitting ‘Reply,’ use ‘Forward’ to send it to the intended recipient. This can help avoid falling victim to a BEC scam that utilizes a spoofed domain.
- Treat email with caution: Email is a gateway into your computer and personal information, so make sure you only open emails or attachments from known senders and be wary of emails with attachments.
- Implement a formal process: Ensure there is a formal process in your organization for high-risk transactions such as wire transfers and requests for sensitive documentation.
- Don’t get complacent: Fraud is ever-changing, keep up to date with the latest fraud trends by visiting online information security sources or contacting the UCR ITS Information Security Office.
As always, we thank you for your vigilance in keeping our campus and our data secure. For questions and support, please contact Information Technology Solutions at (951) 827-IT4U (4848) or BearHelp@ucr.edu.
UCR Chief Information Security Officer