Campus News

Student direct deposit fraud phishing attacks

There is an active phishing attack targeting UC Santa Cruz students. Bad actors are attempting to steal financial aid refunds and disbursements by gaining unauthorized access to student accounts.

January 8, 2026

By Information Technology Services

Dear UC Santa Cruz Students,

There is an active phishing attack targeting UC Santa Cruz students. Bad actors are attempting to steal financial aid refunds and disbursements by gaining unauthorized access to student accounts.

Be alert for these tactics

Attackers are sending phishing emails using the following themes, for example:

• Dropped from class notifications
• Changes to your class schedule
• Grade notifications
• Statement regarding your Student ID

See latest phishing examples

Remember: Do NOT click on links to non-UCSC webpages and forms. Instead, go directly to MyUCSC or Canvas. Please report anything that looks “phishy” immediately by emailing phishing@ucsc.edu.

---

If you believe you’ve been compromised

1. Reset your UCSC Gold password using CruzID Manager
2. Check your information in MyUCSC:
   1. Confirm your mailing addresses (MyUCSC > Personal Information > Addresses).
   2. Confirm your direct deposit information in MyUCSC (MyUCSC > My Account $ > Sign up for Direct Deposit).
3. If you have questions, contact
   1.  ITS Service Desk –  call 831-459-4357 or get a help request started
   2. Student Business Services – sbs@ucsc.edu

Our priority is to ensure you have the information you need to protect your account. Learn more about this phishing attack. If you have any questions or need support, please reach out.

Thank you,

Melanie Douglas
Interim Vice Chancellor for Information Technology

Brian Hall
Associate Vice Chancellor / Chief Information Security Officer