Immediately change your passwords for any potentially compromised accounts Contact your bank or financial advisor to let them know your accounts may be compromised and ask them to put a fraud alert on your accounts Check your bank and financial statements and credit reports to regularly identify any false charges or suspicious activity If you believe you are a victim of identity theft, please see the Federal Trade Commission'sImmediate Steps to Repair Identity Theft.
You may not always know. Scams and malware that steal passwords are designed to be stealthy and unnoticed. Passwords are most frequently compromised one of three ways: Being tricked to giving up your credentials at a real-looking but scam website (AKA Phishing) Malware or other compromises of your device which installs software designed to run in the background and steal passphrases Re-using CalNet credentials for non-UCB websites, and the non-UCB websites are hacked and all credentials exposed
However, a couple of tell-tale signs of credential compromise are:
Phishing is a type of attack carried out in order to steal information or money. Phishing attacks can occur through email, phone calls, texts, instant messaging, or social media. Attackers are after your personal information: usernames, passwords, credit card information, Social Security numbers. However, they are also after intellectual property, research data, and institutional information. Phishing scams can have several goals, including:
Stealing from victims - modifying direct deposit information, draining bank accounts...
We encourage the UC Berkeley community to take an active role in protecting themselves against phishing attacks. Use our helpful tips in our Fight the Phish campaign to recognize and report phishing attacks.
Additionally:
If you are worried about an account, call the organization which maintains it (like your bank) Check the email address—does it really match the text of the email? Does it match the legitimate email of the organization it is supposed to be tied to? Check the security certificate of any...
Phishing attacks are a constant threat to campus and are becoming increasingly sophisticated. Successful Phishing attacks can:
Cause financial loss for victims Put their personal information at risk Put university data and systems at risk All workforce members are responsible for protecting institutional data and complying with information security obligations stated in UC policy, laws...
The first rule to remember is to never give out any personal information in an email. No institution, bank or otherwise, will ever ask for this information via email. It may not always be easy to tell whether an email or website is legitimate and phishing emails are using social engineering tactics to make create sophisticated scams.
In the body of an email, you might see questions asking you to “verify” or “update your account” or “failure to update your records will result in account suspension.” It is usually safe to assume that no credible organization to which you...
No. Phishing attacks can also occur through phone calls, texts, instant messaging, or malware on your computer which can track how you use your computer and send valuable information to identity thieves. It is important to be vigilant at all times and remain suspicious of sources that ask for your credentials and other personal information.