Phishing threat to paycheck information

July 10, 2024

Colleagues,

New safeguards have been added to help protect the campus community from phishing attacks that could result in unauthorized access to employees’ UCPath accounts and paycheck information.

Campus IT officials are leveraging new capabilities from the Duo Mobile multi-factor authentication application. While using the Duo Push function (clicking the green check mark) remains the safest option, using Duo Mobile passcodes is another option and is the one we are strengthening. Effective Monday, July 22, CalNet will implement time-based, one-time passcodes, replacing persistent passcodes with ones that expire 30 seconds from the time of the request. This is to prevent attackers from storing and using passcodes to compromise accounts. If you encounter trouble with Duo, please open a service ticket by emailing: calnet2-stephelp@berkeley.edu.

This action follows eight incidents in the last two months in which cyber criminals used phishing schemes to gain employee CalNet credentials and access UCPath, where they redirected the employee’s direct deposit paycheck to a banking application the hacker could access. 

In addition to the Duo change noted above, campus IT officials are also working with UC systemwide officials to help further secure UCPath. To help protect yourself from this current threat, please consider taking the following actions:

Under campus policy, employees who are victims of such schemes as the UCPath situation are directed to file a police report to launch a process to recover their missed pay. As we have stated in other recent CalMessages, cyber attacks in higher education are growing at an alarming rate, with higher education institutions across the country facing sophisticated attacks that target our most sensitive systems and data.

Thank you for your attention to this matter and your partnership in our efforts to thwart cyber threats. 

Sincerely,

Tracy Shinn
Associate Vice Chancellor for IT and Chief Information Officer


This message was sent to all UC Berkeley faculty and staff. If you are a manager who supervises UC Berkeley employees without email access, please circulate this information to all.