What makes this a phishing message?
This targeted phishing scam impersonates the UC Berkeley faculty member or campus lab manager.
This email is sent to the parents of a student working in a campus lab. It invents a phony 'accident' that damaged an expensive piece of lab equipment and asks the parents of the lab member to reimburse the lab for part of the cost of replacement.
This targeted phishing scam uses urgency and fear to cause the recipients to act, extorting money from a phony accident.
Tips if Something Seems Off:
-
The message is sent from a non-UC Berkeley GMail account similar to a legitimate professor's name
-
The scam required the fraudster to have the contact information of the lab members' parents.
-
Look to make sure the email address is correct. In Gmail hover your mouse over the sender name for the email to display. On a mobile phone or a touchscreen, press and hold the link (don't tap!) to reveal the actual URL.
-
(Look in the bottom left corner of the browser window.) Don't click on a link unless it goes to a URL you trust.
-
-
Follow up with the sender separately. Contacting the real lab manager or faculty member through their official campus email would reveal this to be a scam.
-
If you didn’t expect it, reject it. Or follow up with the individual directly in a separate email or call/text to confirm.
-
Report and/or flag it
-
Open the message
-
To the right of 'Reply' arrow select 'More' (typically denoted with three vertical dots)
-
Then 'Report phishing'
-
If you are unable to log into bMail, forward the message to phishing@berkeley.edu(link sends e-mail) For more information visit https://security.berkeley.edu/resources/phishing
-
