Staying Cyber Secure In The New Semester
February 23rd, 2026

Post

 

Dear Colleagues,

As we enter the third week of a new semester, ITS would like to remind everyone that we not only have to be cognizant of phishing attempts but also stay ahead of the ever-evolving forms of social engineering.

This year, the red flags we previously used to spot scams (like broken English, poor formatting, and fake email addresses) have declined dramatically. Sectors across the board are seeing a marked increase in AI-powered phishing and smishing (text scams), some of which are sophisticated enough to emulate the tone of state agencies, department heads, and even students in distress.

A few things to keep in mind as you clear out your inbox and check your text messages:

First, watch out for the Urgency Trap. The most common form of attack seen today isn’t a virus; it’s a request for a favor. If you’re asked for an “urgent” favor via an unexpected text or email (e.g., requests for gift cards, wire transfers, or login credentials), please verify the request through legitimate channels. Most often, a quick phone call or a new message to a known email address is the only way to be sure the request is actually genuine. Remember that Dr. Muñoz and other LBCC executives will never contact you directly with these types of requests!

Second, be mindful of MFA Fatigue. Today’s best defense, Multi-Factor Authentication, is currently being targeted by hackers who send repeated login requests to phones, hoping victims eventually just hit “Approve”. If you see an MFA request on your device that you didn’t personally initiate, decline it immediately. This usually means that your password has been compromised, and you should contact the ITS Help Desk immediately to help you secure your account.

Finally, industry is seeing a big shift toward SMS scams. Be especially careful of text messages regarding your accounts, benefits, direct deposit, etc. Legitimate businesses will not ask you to click a link in a text message to “avoid account suspension”.

Remember, cybersecurity is a shared responsibility. When you actively Report a Phishing Email, you’re not only protecting yourself but also training the email system to block that specific threat for everyone else.

If you ever get the feeling that a message is a little bit off, just play it safe and report it.

 

Further Information

For an in-depth look at how to avoid phishing scams, please check out the Federal Trade Commission’s Webpage

Fallen Victim to Internet Fraud?

If so, the California Attorney General suggests that you report it to the following agencies:

Furthermore, you are encouraged to notify your bank, freeze your credit, and report to the CA Department of Financial Protection and Innovation (DFPI) if financial services were involved.

Protect Your Password

ITS would be remiss if it didn’t remind everyone that AP 3720: Computer and Network Use specifically prohibits the sharing of passwords with anyone, including your manager, those who report to you, your colleagues, or even ITS.

 

If you have any questions regarding this or any other previous advisory, please do not hesitate to email the Office of Information Security.