The UCLA Information Security Office would like to raise awareness and urge caution related to two external websites impersonating the legitimate UCLA Single Sign On (SSO) Authentication page to carry out credential harvesting attacks. The tactic relies on deceiving individuals to visit the page, often via a phishing email, and then inputting their credentials into the username/password field under the presumption that it is the legitimate UCLA SSO page. We are in the process of collaborating with our partners to shut down these hosts.
- Myucla[.]bruinclubs[.]com
- shb.ais.ucla.edu[.]bruinclubs[.]com
If you have any questions or concerns, please do not hesitate to contact us at security@ucla.edu. Thank you.
