Defeat Phishing Attacks
Learn the tell-tale signs of phishing emails

The Federal Bureau of Investigation (FBI) estimates that victims lost approximately $1.42 billion in 2017 due to internet fraud.

Many of these victims were targeted through phishing emails to their personal or business email accounts resulting in roughly half of the losses reported in 2017.

Internet fraud can take many forms, but the top cyber threats for UCSF are Business Email Compromise (BEC), where fraudsters use faked emails to impersonate the CEO or any executive authorized to do wire transfers to divert funds, and Ransomware, where criminals gain access to a company’s data and/or systems, encrypt the data, and demand a ransom payment from the company in order to allow them to regain access to the data and/or systems.

Preventing these kinds of fraud relies on vigilance around phishing emails – those that purport to come from a legitimate business or sender and request sensitive information such as personally identifiable information, banking and credit card details, or passwords.

According to the FBI, the state of California accounted for more victims than any other state, and people over 60 years old were the most impacted age group.



  • Delete any phishing emails without clicking on any links or Reply.
  • If the email appears to be from an internal UCSF user but seems suspicious, generate a new email to the sender using the email address from UCSF’s internal directory and confirm whether they sent you the previous email.

Detect Phishing Emails:

  • Know that credible institutions and organizations will not request personal information, including usernames, passwords, banking details via email or text.
  • Recognize that time sensitive threats (e.g. your account will be closed if you do not respond immediately) are never used by legitimate organizations.
  • Be aware of the common elements of phishing emails: spelling and grammar mistakes, vague or missing information in the “from” field or email signature, or the “To” field contains multiple random email address or is alphabetized.
  • Be alert for other indications: an impersonal or awkward greeting, such as “Dear Mr. Account Holder”, unexpected files or downloads, links that don’t refer to the sender or sender’s organization, and emails about accounts that you don’t have, such as eBay or PayPal, or banks that you don’t have accounts with.


  • If you have received a phishing email or text on a UCSF supported mobile phone and mistakenly clicked on a link, contact the IT Service Desk immediately to report that your account has been compromised and change your password. UCSF IT Service Desk can be contacted at: 415-514-4100 or