Security Reminders as We Approach Tax Season

General reminders and best practices:

File electronically and use direct deposit for the quickest refunds.
File early - the earlier, the better. Filing early helps prevent identity fraud; others cannot file a fake return in your name if you have already filed.
Remember that the IRS will never request payment over the phone, or ask for personal information through emails or text messages

2026 Tax Season Scams

As we move through the 2026 tax season, scammers are becoming increasingly sophisticated, specifically targeting the UC Berkeley community. By leveraging AI voice cloning and mimicking official university platforms like UCPath, they aim to steal your credentials, reroute your paychecks, or harvest your W-2 data.

Here is what you need to know to protect your identity and your hard-earned money:

The UCPath "Urgent Update" Phish

Scammers are currently using AI-generated emails and texts that look exactly like official UC communications. They may claim your "salary details have changed" or your "direct deposit needs re-verification."

The Trap: A link leads to a fake login page that looks identical to the real UCPath portal.
The Goal: To steal your CalNet credentials and reroute your paycheck to an untraceable account.

W-2 "View Your Statement" Scams

Criminals often send emails or texts with attachments labeled "2025 W-2" or "Tax_Statement_UC."

The Fact: The University of California does NOT send W-2 statements via email or text.
The Trap: Clicking the link or opening the attachment installs malware or leads to a credential-harvesting site.

AI Voice Cloning & IRS Impersonation

Fraudsters are now using AI to clone the voices of authority figures or realistic-sounding IRS agents. They may call claiming you owe a "Federal Student Tax" or have an outstanding debt that requires immediate payment via gift cards or wire transfers.

The Fact: The IRS will never initiate contact via phone, text, or social media to demand instant payment.

Search Engine "Malvertising"

When you search for "UCPath" on Google or Bing, scammers sometimes pay for the top ad slot to lead you to a fraudulent site.

The Fix: Always verify that the URL is ucpath.universityofcalifornia.edu.

info courtesy of the IRS: https://www.irs.gov/help/tax-scams/recognize-tax-scams-and-fraud

How to Protect Your Paycheck

To stay secure, follow these Berkeley-specific best practices:

Bookmark the Official Portal: Never click a link in an email to access your taxes. Type ucpath.universityofcalifornia.edu directly into your browser.
Respect the Duo Push: Never approve a Duo MFA request that you did not personally initiate. Scammers may try "Duo fatigue" by sending multiple requests until you accidentally tap "Approve."
Verify Your Contact Info: Log into UCPath and ensure your personal (non-Berkeley) email is listed as a recovery address. This ensures you receive legitimate alerts if changes are made to your direct deposit.

Check your W-2 Directly

Once logged in to http://ucpath.universityofcalifornia.edu/, go to:

Income and Taxes >
Tax Statements >
View Online W-2/W-2c.

Tip: For best results, use Chrome or Firefox when downloading.

How to Report These Scams:

At UC Berkeley:

Using the bMail web interface:

Open the message
To the right of 'Reply' arrow, select 'More' (typically denoted with three vertical dots)
Then 'Report phishing'

If you are unable to log into bMail forward the message to phishing@berkeley.edu.

Beyond UC Berkeley:

If you encounter suspicious activity or scams related to the IRS or taxes, contact the IRS immediately, through methods specified on their website: https://www.irs.gov/privacy-disclosure/report-phishing

Topics

Cybersecurity Awareness topic page