Anti-Phish Tip #4

Check for Trash Before the Slash

Check for Trash Before the Slash

Verify "" Before Entering CalNet Credentials

THE TRAP: You are asked to enter your CalNet passphrase on what looks like the standard blue CalNet Authentication page.

YOUR DEFENSE: Always check the actual URL to make sure it starts with "". Trusted UCB authentication pages will never have anything phishy BEFORE the first single slash. Fraudulent login screens designed to steal your credentials may LOOK authentic if you're not paying attention to the URL.

Good Example:

Bad Example:

Also, check for the Extended Validation Certificate in the address bar.  Look for a long green bar with a padlock followed by our institution’s name:  University of California, Berkeley (Regents of the Univ. of CA)[US]

Remember: Only You can Protect your CalNet Passphrase!

Not sure it's a phish? Report it

Using the bMail web interface:

  1. Open the message
  2. To the right of 'Reply' arrow, select 'More' (typically denoted with three vertical dots)
  3. Then 'Report phishing'

If you are unable to log into bMail, forward the message to sends e-mail)