Fake Debt Collection Google Doc Share
April 17, 2025
Unknown parties are sending fake Google Doc Shares with an urgent subject line. They usually refer to lawsuits or debt collection.
Fake Electronic Payment ACH Message
April 9, 2025
Many bMail account holders have recently received fake messages indicating an ACH Payment or Electronic Fund transfer.
Jan 2025 bCourses Audit Attempts
January 22, 2025
An ineligible former Summer Session student is attempting to contact faculty directly and be added to many bCourses.
Phony Staff Assessment Doc Link
January 21, 2025
This phony Staff Assessment notification was received by many bMail users. It is part of a credential stealing attempt.
Fake UC Berkeley Financial Support Program
December 4, 2024
This phony email was sent impersonating a UC Berkeley administrative department. It was attempting to get users to click with a bogus $2,250 financial bonus for eligible faculty and staff.
Phony Remote virtual Assistant Job
December 2, 2024
This is a fraudulent offer for a remote assistant position. The scammer will impersonate a real UCB professor or department and try to take the conversation offline to a 'personal email' address.
Fake Email Account Suspension email
December 2, 2024
This fake email termination message was received by many users allegedly telling them their campus email account would be suspended.
Commonly used phony subject lines include:
'ADVANCE WARNING'
Fake: One of Your Students has Covid Phish
November 12, 2024
This fake email was sent to a number of teaching faculty members, alerting them falsely that they were exposed to a student in class with Covid.
Fake: New Sextortion Scam with Geolocation Data
October 1, 2024
What makes this a phishing message?
This is a classic 'sextortion' hoax from a random GMail email address.
Fake: Phony Docusign Termination Email
October 1, 2024
What makes this a phishing message?
This email has been specifically targeting UC Berkeley Executives and asks them to click a link and enter their credentials to review an employee termination agreement.
Fake: URGENT: COVID-19 Variant Case Alert
July 3, 2024
This phony potential Covid contact alert was received by many users sent to their Campus bMail accounts.
What makes this a phishing message?
This targeted phishing scam is using a fake UC Berkeley email address
PHISHING EXAMPLE: Phony Email confirmation Text Message
June 11, 2024
This fake email termination notification was received by many users on their personal cell phone numbers via text message.
PHISHING EXAMPLE: Fraudulent 'Broken Lab Equipment' Scam
January 30, 2024
What makes this a phishing message?
This targeted phishing scam impersonates the UC Berkeley faculty member or campus lab manager.
Students: Beware of employment scams via email
December 7, 2023
Every year, students at UC Berkeley are scammed out of thousands of dollars via fake employment offers. Beware of unsolicited emails, phone calls, texts or even faceboo
Fake DUO Authentication Request
October 9, 2023
What makes this a phishing message?
This targeted phishing scam impersonates the UC Berkeley Duo Admin to create fear to cause the recipients to act, scanning the QR code which leads to a malicious link.
PHISHING EXAMPLE: Phone Fraud, Chinese Consulate
February 8, 2023
If you are unable to log into bMail, forward the message to phishing@berkeley.edu. For more information visit https://security.berkeley.edu/resources/phishing
PHISHING EXAMPLE: CAUTION : eMail Account Block
May 6, 2022
Attention recipient ,
We have received your request to terminate your email account below,
and the request will be concluded within 12hours from now.
PHISHING EXAMPLE: Email Account Removal
May 6, 2022
Dear recipient
We have received your cancellation request and you are no longer
subscribed to security.berkeley.edu
If you did not request cancellation, kindly click below to reactivate
your account.
PHISHING EXAMPLE: Norton
February 15, 2022
Welcome
Subscriber;
Your Annual membership for NORTON 360 TOTAL PROTECTION has been renewed
and updated successfully.
The amount charged will be reflected within the next 24 to 48 hrs on
your profile of account.
Product Information:
INVOICE NO. @ GGH1644259106OV
ITEM NAME @ NORTON 360 TOTAL PROTECTION
START DATE @ 2022 Feb 07
END DATE @ 1 year from START DATE
GRAND TOTAL @ $240.42 USD
PAYMENT METHOD @ Debit from account
If you wish to not to continue subscription and claim a REFUND then
please feel free to call our Billing Department as soon as possible.
You can Reach us on : +1 – ( 803 ) – ( 598 ) – 4473
Regards,
Billing Department
SP
Fake Cal Store on Instagram
January 19, 2022
Beware of fake Cal Stores on Instagram or other social media platforms.
PHISHING EXAMPLE: English Dept. (Prof. Duncan) Job Offers
January 19, 2022
Using several different emails to send from and various subject lines, this attacker used the name of an actual Berkeley professor to send out a call for remote assistant work.
Severe Software Vulnerability in Apache's Java Logging Library
December 14, 2021
The UC Berkeley Information Security Office is responding to a newly revealed severe software vulnerability in
Financial Phishing Attacks
October 11, 2021
Watch out for financial "spear phishing" emails.
Recognizing & Avoiding Job Scams
September 22, 2021
Are you on the lookout for flexible, part-time employment to help cover school expenses? If so, watch out for scams.
PHISHING EXAMPLE: WORK FROM HOME / BERKELEY PAID JOB OFFER
September 10, 2021
Dear Student,
We got your contact through your school database and I'm happy to inform
you that our reputable company Cisco Systems Inc® is currently running a
student empowerment program. This program is to help devoted and
hardworking students secure a part time job which does not deter them
from doing any other, you just need a few hours to do this weekly and
with an attractive weekly wages.
KINDLY EMAIL BACK WITH YOUR PERSONAL EMAIL ADDRESS IF INTERESTED IN THIS
JOB POSITION.
PHISHING EXAMPLE: WORK AFTER CLASSES OFFER ($500 WEEKLY SALARY)
September 10, 2021
Hello,
Are you currently in the US? Here is an opportunity for you to work part
time after classes and earn $500 weekly.
The job is completely done online and can be completed anytime in the
evening/night at home and won't take much of your time daily, you don't
have to be online all day and don't need any professional skill to do
the job, all you need is just come online before going to bed to forward
all order of the day made by agents to the supplier and you are done for
the day.
PHISHING EXAMPLE: student email directly
September 10, 2021
Hi Student,
I am Dr Ralph Abraham, I feel comfortable discussing this WORK- STUDY opening with you since you were referred by the university chamber of commerce. I am very busy, that is why I have asked for your help as my temporary personal assistant. I provide individual and group therapy, coaching, assessment and many University students with academic difficulties and no prior diagnosis are seen and assessed through the academic screening and assessment process.
PHISHING EXAMPLE: Attention: website.berkeley.edu DMCA Copyright Infringement Notice
August 18, 2021
Hello!
My name is Shafaq.
Your website or a website that your company hosts is infringing on a
copyright-protected images owned by myself.
Take a look at this document with the links to my images you used at
website.berkeley.edu and my earlier publications to get the evidence of
my copyrights.
Download it right now and check this out for yourself:
hxxps://sites.google.com/view/a0hf49gj29g-i4jb48n5/drive/folders/shared/1/download?ID=308682351554855915
I believe you have willfully infringed my rights under 17 U.S.C. Section
101 et seq. and could be liable for statutory damages as high as
$150,000 as set forth in Section 504(c)(2) of the Digital Millennium
Copyright Act (”DMCA”) therein.
PHISHING EXAMPLE: Research Assistant
July 12, 2021
Berkeley University of California is seeking an Research Assistant /
services of a competent Undergraduate Student Administrative Assistant
to work Part-time and get paid $350 weekly. Tasks will be carried
out remotely. If interested, Do text your name to (808) 378-1179
so as to proceed
Bernhard Boser
Professor,
(808) 378-1179.
490A Cory Hall
PHISHING EXAMPLE: UPDATE REQUIRED ON @berkeley.edu
May 26, 2021
Outgoing Mail Error
Due to server error, 6 new mails you sent from recipient@berkeley.edu are stucked in berkeley.edu
Release below to re-send all stuck emails to the destination boxes.
Release Emails
This is a mandatory berkeley.edu webmail service sent to recipient@berkeley.edu
PHISHING EXAMPLE: Lab Report
May 19, 2021
This is to inform you that your laboratory result is ready.
You can access your results via the following link:
https://results.pmhlaboratoXXXXXXXXX.html(link is external)
You must provide your NAME and DATE OF BIRTH in addition to the
following code in order to see the report:
POP UP BLOCKERS MUST BE DISABLED TO DOWNLOAD PDF REPORTS
Patient Initials: A.B.
Access code: 8625150102
PHISHING EXAMPLE: Account Suspension Request
May 19, 2021
Access to recipient@berkeley.edu will be suspended as per
request received by admin at 5/12/2021 11:21:48 p.m. UTC.
If you would like to cancel this request you may proceed below.
*Cancel Now
*
Best Regards,
PHISHING EXAMPLE: DC Dox
May 19, 2021
matbrown19732@gmail.com has shared the following document:
DC.docx
[image: Unknown profile photo]Jim Knowlton shared a file with you
Open
matbrown19732@gmail.com is outside your organization.
Google Drive: Have all your files within reach from any device.
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA [image:
Logo for Google Drive]
PHISHING EXAMPLE: You recently made a request to deactivate email.
May 18, 2021
Dear Customer,
You recently made a request to deactivate email. This request will be processed shortly.
If you did not make this request, cancel the request now.
Cancel Deactivation
If you do not cancel this request, your account will be deactivated and all your email data will be lost.
Sincerely,
Your berkeley.edu Internet Team
UC Email Security Incident Notice
April 5, 2021
Updated May 11, 2021:
UCOP Notice to UC Community: https://ucnet.universityofcalifornia.edu/data-security/index.html
IRS Warning of Impersonation Attacks Targeting Universities
March 31, 2021
Mar.
PHISHING EXAMPLE: UPDATE EMAIL: Don't lose access to your account!!
February 19, 2021
Security Notice!
Dear XXXX,
Our security system has detected some irregular activity connected to your
account. you will be unable to send and recieve emails until this issue has
been resolved
CLICK HERE TO VALIDATE NOW
To prevent further irregular activity we will restrict access to your
account within 72 hours if you did not validate your account.
*Note:* Mail Administrator will always keep you posted of security
updates. Mail Admin
Phishing Example: ELIGIBILITY AND ASSESSMENT
November 30, 2020
Google Forms
Jim Knowlton has shared a file with you using one drive.
ELIGIBILITY AND ASSESSMENT
Designed for Microsoft and office 365 users only
FILL OUT FORM
hxxps://docs.google.com/forms/d/e/1FAIpQLSd2hyLMl01_lJ9NG2Aj4QxXJrQ1ChJ42W0Ubx-FHIu8iT4QSA/viewform?vc=0&c=0&w=1&flr=0&usp=mail_form_link
Create your own Google Form
Phishing Example: 2020 FACULTY EVALUATION
November 30, 2020
Google Forms
Jim Knowlton invited you to fill out a form:
2020 FACULTY EVALUATION
Designed for Microsoft and Office 365 users only
FILL OUT FORM
hxxps://docs.google.com/forms/d/e/1FAIpQLSfUCvno3DdViZI24_kfsFi7EPalW7aAMJIAZvsGCzvvrQX_Ew/viewform?vc=0&c=0&w=1&flr=0&usp=mail_form_link
Create your own Google Form
Phishing Example: RE: staff opinion
November 30, 2020
Good day,
Please, answer the questions Employee Survey – it won`t take long. Waiting for you to go through this survey ASAP.
You can find the survey here: hxxps://docs.google.com/document/d/e/2PACX-1vSjKdTddXL-psR2rYotGSJuwOeBHUKkulbrhy78PHX6VtdJWFurH9mEmeV8PLVm1t4P5W0msKzpCg3N/pub
HR Department Analyst
Uc Regents;
Phishing Example: RE: at the office
November 30, 2020
,
I will come to Uc Regents; soon and send your request about 2 weeks of vacation and payments to you. Very sorry.
Open this recourse to preview the document (if the link doesn't work, copy it and paste to browser):
hxxps://docs.google.com/document/d/e/2PACX-1vQeBPGXB5xGJ9m7RA7RGTEFgpWSAbr-nlOeOYerk4PG0IM_-6b148qM8RUERKw1GhKG5Z5rQpiUaSEF/pub
Outsourcing director notice
Phishing Example: BERKELEY UNIVERSITY WORK FROM SCHOOL OR HOME PART TIME FALL 2020
October 5, 2020
Dear student!
I'm Professor Douglas Ignacio. Senior Policy Advisor at the Student
Unemployment Assistance Program (SUAP).SUAP is committed to provide
significant benefits for students who are currently unemployed or who lost
their jobs due to COVID-19 Pandemic to have equal right and opportunity, to
be economically self-sufficient, and to earn and save without jeopardizing
access to the services and supports that allow them to live and work
independently. You have received this email because you have an offer from
the University Education Department Office for unemployed students to work
with me as my temporary Online Virtual Assistance. typical Duties: You will
only help me mail letters if need be, make online bill payments and
sometimes at the retail stores, purchase some items when necessary. You
Phishing Example: Security Notice - Fix Security Info Now
September 4, 2020
Dear berkeley.edu member, As a precautionary measure we have restricted access to your account until your validate has been changed . To prevent further irregular activity, you will be unable to send out any emails unties issue has been resolved To fix security info, click below to validate.
Phishing Example: (ITCS Notification:) Account Irregular Activity Detected [INC1147653]
September 3, 2020
UC Berkeley | IT Client Services
Hello,
This is an automated official communication from Berkeley IT Client Services Ticket system in reference to the incident number below.
Ticket INC1147653 has been created from the recent activities in your CalNet - ID credentials.
ITCS system have detected an irregular activity related to your UC Berkeley CalNet ID credentials. As a precautionary measure, we will temporary block your account and should be moving it to our backup server but we need your help to do this effectively otherwise you may lose your login information and data at the end of the Duo Account Migration & Quarantine clean-up process.
Phishing Example: Tutoring
August 7, 2020
Hello,
How are you doing today? This is Barnes Beckwith. I saw your contact at the University of California, Berkeley, Department of East Asian Languages and Literatures under the Directory's portal. I seek a private beginner's language tutor for my Daughter. I would like to know if you have a STUDENT/TUTOR available for the job.
As you will be unable to teach her owing to your BUSY SCHEDULE/STATUS, you can RECOMMEND one of your STUDENT(s) who is capable of teaching.
Due to the Covid-19 Pandemic, the teaching could be done remotely. This depends on the tutor's directive.
Looking forward to hearing from you.
Scammers Exploit California’s COVID-19 Contact Tracing Program
July 15, 2020
In ongoing efforts to mitigate the spread of COVID-19, Gov. Newsom launched "California Connected, " the state's contract tracing program and public awareness campaign. Malicious actors are leveraging the program to use phishing scams to exploit the public.
Phishing Example: Evaluation of UCRP Benefits for University of California, Berkeley
July 5, 2020
Employee Crook,
Each year, as an employee of University of California, Berkeley you are
eligible to schedule a phone call, teleconference, or in-person meeting off
campus with a representative for answers to your specific state, federal
and individual retirement benefit questions.
At your consultation you will be provided with information on what your
expected income will be from UCRP when you retire, and how much longer you
will have to work. You will also receive advice on the best ways to utilize
your 401(a) options with your UCRP and/or Social Security benefits.
*Please be sure to indicate which type of appointment you prefer
(off-campus, phone call, or teleconference) in the notes section while
scheduling. Please also include your direct cell phone number.*
Phishing Example: URGENT REQUEST (Email Impersonation)
June 30, 2020
Are you available ?
No calls text only 9513072XXX
BEST REGARDS
Carol T Christ
Chancellor
Berkeley University of California
Berkeley COVID-19 Information
June 22, 2020
Dear students,
Berkeley University Of California health professionals have been closely
monitoring the spread of COVID-19 over the past two months.Therefore the
university is organizing an online part time job to sustain the students
living.I'm happy to inform you that our reputable company CORESTAFF
SERVICES Inc®,is currently running a student empowerment program.
KINDLY EMAIL BACK WITH YOUR PERSONAL EMAIL ADDRESS IF INTERESTED IN
THIS JOB POSITION.
Kind Regards
Donna Lisa
HR Manager/Consultant
CORESTAFF SERVICES Inc®
Phishing Example: Congratulations! You're Hired
June 5, 2020
ID:#Q94HL9632********
Congratulations your new job, I had to verify
all the information you provided. I hope to have your 100% loyalty and
co-operation. Your quick response to e-mails and effectiveness will be
required and you will be receiving your first assignment very soon.
You will be emailed with detailed instructions. After checking my
programs, unfortunately, you don’t have much done for me this week. So,
you'll be starting your first Assignment In few days, I am unable to meet
up for an interview because I am currently away and helping the disabled
students in Abroad as stated in my previous email but scheduled to be back
last week of July
Phishing Example: Student Part-Time Job
June 3, 2020
Dear Student,
We got your contact through your school database and I'm happy to inform
you that our reputable company Cisco Inc® is currently running a student
empowerment program. This program is to help devoted and hardworking
students secure a part time job which does not deter them from doing any
other, you just need a few hours to do this weekly and with an attractive
weekly wages.
KINDLY EMAIL BACK WITH YOUR ALTERNATE EMAIL ADDRESS IF INTERESTED IN THIS
JOB POSITION.
Scammers are Exploiting Coronavirus Fears to Phish Users
March 9, 2020
Attackers have been sending emails that feed on concerns about COVID-19 to spread malware, trick them into sharing account credentials, or opening malicious attachments.
Phishing Example: Urgent Request
January 9, 2020
Are you available ?
No calls text only 9513072XXX
BEST REGARDS
Carol T Christ
Chancellor
Berkeley University of California
Phishing Example: Part time work assistant needed
October 30, 2019
Hello RECIPIENT
I am urgently seeking for a Clerical/Administrative Assistant to
work for me on campus at their own free time while I am away on my work and
earn basic wage $250 weekly.This is a flexible job that requires little to
no prior experience .Let me know you are interested and I will fill you in.
Sincerely
*Professor David Card*
*Department of Economics*
*530 Evans Hall #3880*
*University of California Berkeley*
*Berkeley, CA*
Phishing Example: Robocalls
July 21, 2019
This call is from the Department of Social Security Administration. The reason you have received this phone call from our department is to inform you that we just suspend your Social Security number because we found some suspicious activity, so if you want to know more about it just press 1, thank you.
Phishing Example: Business Email Compromise
December 27, 2018
Are you around? I need to pay a vendor with the blucard.
University of California, Berkeley
Phishing Example: Google Doc Phishing Message
May 3, 2017
XXX has invited you to view the following document:
Open in Docs
Phishing Example: Message from human resources
April 13, 2017
This message, appearing to come from the HR department, was successful at convincing several campus recipients to click on the link provided and enter their Calnet credentials. The link was directed to a fake Calnet login page, the account name and password entered on this page would be compromised.
Phishing Example: Library Account
April 1, 2017
Dear Student,
Your access to your library account is expiring soon due to inactivity. To
continue to have access to the library services, you must reactivate your
account. For this purpose, click the web address below or copy and paste it
into your web browser. A successful login will activate your account and
you will be redirected to your library profile.
https://auth.berkeley.edu/cas/login?service=https%3a%2f%
If you are not able to login, please contact at
xxxxx@berkeley.edu for immediate assistance.
Phishing Example: Your Dropbox File
January 30, 2017
Hello,
You just received a file through Dropbox Share Application.
Please click below and log in to view file.
View file
Every time a friend installs Dropbox, we'll give both of you 1 GB of
space for free! Need even more space? Upgrade your Dropbox and get 1 TB
(1,000 GB) of space.
Happy Dropboxing.
- The Dropbox Team
Phishing Example: bCourses Expiration Notice
January 25, 2017
A targeted phishing message was received on campus appearing as an expiration notice for access to bCourses. The message attempted to trick recipients to login with CalNet credentials to prevent access expiration
Phishing Example: First 2017 Tax Season Phish
January 24, 2017
The Human Resources/Payroll Department has completed the final paystub
changes for 2017 tax year.
To view the changes to your paystub information and view/download your W-2
forms (2014 - 2016 tax years), go to: Adp Portal
We hope you find the changes to your paystub information useful and welcome
any comments you may have.
Yours Sincerely,
Danielle Carrel.
Phishing Example: FedEx Shipment Update
January 3, 2017
Dear Customer,
We could not deliver your item.
You can review and print complete details of shipping duty on your order.
Thanks
Phishing Example: Important Announcement from Chancellor Dirks
December 14, 2016
Good Morning Berkeley Family,
Please read attached for an important announcement from Chancellor Nicholas B. Dirks
Thanks,
Nicholas B. Dirks
Chancellor
1 attachment: shared Document.pdf
Phishing Example: Email Account Upgrade
October 28, 2016
Dear User,
Someone else was trying to use your Berkeley ID to sign into iCloud via a web browser.
Date and Time: 28 October 2016, 1:38 PM
Browser: Firefox
Operating System: Windows
Location:Thailand
If the information above looks familiar, you can disregard this email.
If you have not recently and believe someone may be trying to access your account, you should Click Here .
Sincerely,
Technical Support Team
Phishing Example: Irregular Activity
October 20, 2016
We have detected irregular activity on your account on the date 10/20/2016. For your protection, we have temporary limited your account.
In order to regain full access to your account, you must verify this activity before you can continue using your account. We have sent you an attachment , open it and follow the steps to verify your account. Once completed, please allow up to 48h to update.
Copyright © 2016 BankOfAmerica, All rights reserve
IrregularActivityFile.html
Phishing Example: Messages containing Locky malware
August 24, 2016
Hello,
Please sign the attached contract with our technical service company for 2016 � 2017.
We would appreciate your quick response.
King regards,
Cynthia Curtis
(Digital-Signature: f0a0e01386d19b03736165288026cc97e325560c78700e95)
Phishing Example: Vital Info
May 23, 2016
Hello, Please refer to the vital info I've shared with you using Google Drive. Click https://www.google.com/drive/docs/file0116 and sign in to view details..
Regard
--
Phishing Example: bCourses Phish Attack
May 20, 2016
Dear User,
This message is to inform you that your access to bCourses will soon
expire. You will have to log in to your account to continue to have access
to this service.
You need to reactivate it just by logging in through the following URL. A
a successful login will activate your account, and you will be redirected to
your bCourses page.
http://bcourses.berkeley.cnea.gq/login_0DZbL4B22o0ki22F0IZotK2LqgZijDXvf...
If you are not able to login, please contact Mary Patel at mpatel@berkeley.edu for immediate
assistance.
Sincerely,
Mary Patel
Berkeley Security
University of California, Berkeley
510-643-6927
mpatel@berkeley.edu
Phishing Example: PayPal - We need your help
March 22, 2016
We need your help. You account has been suspended, as an error as detected in your informations. The reason for the error is not certain, but for security reasons, we have suspended your account temporarily.
Phishing Example: RE: Notice from @rescue.org
March 14, 2016
A phishing message purporting to be from the International Rescue Committee regarding IT maintenance has been circulating on campus. The message requests that the recipient upgrade their mailbox size by selecting a link that redirects to a malicious website.
Phishing Example: Last Reminder You Must Update Your Apple Account Information!
March 13, 2016
Hello,
We've noticed that some of your account information appears to be missing or incorrect, we need to verify your account information in order to continue using your Apple ID.
Please Verify your account information by clicking on the link below. Sign in using your Apple ID to start the process, Verify Now >.
Wondering why you got this email?
When you don't regularly update your Apple ID information, Apple will require you to sign in by following the link in a verification email and update your information.
This is to help protect your identity and keep your account secure.
Apple Support
Phishing Example: Help Desk Notice
March 4, 2016
We detected unknown IP access on our date base computer system our security requires you to verify your account for secure security kindly Click Here and verify your account.
​
Help Desk​
Phishing Example: Google Docs Download
February 22, 2016
You have a pending incoming download docs shared with you via Google docs
Phishing Example: UCOP Spear Phish Attack
February 22, 2016
I need all our employee's reference copies of 2015 W-2 wages and tax
statement, i am working on a review and if you can work on the W2's and
have it sent to me as an attachment this morning that will be
splendid. Via email would be appropriate.
Regards.
Janet Napolitano.
Phishing Example: ITunes Access Disabled
February 21, 2016
Another example of a common ploy to trick the recipient into clicking a link to a malicious website by claiming access to ITunes has been disabled.
Phishing Example: "Dear Email User" Expired Password Ploy
February 9, 2016
Your password will expire in 2 days, Click Here
to re-change your password immediately.
Thank you,
IT- Help Desk
SEED IS PROUD TO BE A 21st CENTURY COMMUNITY LEARNING CENTER.
LEGAL DISCLAIMER - The information contained in this communication (including any attachments) may be confidential and legally privileged. This email may not serve as a contractual agreement unless explicit written agreement for this purpose has been made. If you are not the intended recipient, you are hereby notified that any dissemination, distribution, or copying of this communication or any of its contents is strictly prohibited. If you have received this communication in error, please re-send this communication to the sender indicating that it was received in error and delete the original message and any copy of it from your computer system.
Phishing Example: IT-Service Help Desk "Password Update"
February 2, 2016
Password will expire in 2 days Click Here To Validate E-mail
Thank you,
IT-Service Help Desk
Phishing Example: U.S. Dept. of Labor "Record Update"
January 18, 2016
This is an urgent request to update your employment record at the U.S Department of Labor.
Phishing Example: IRS Service "Important Update"
January 15, 2016
As we prepare to start the 2016 Tax filling season, we have undergone slight changes in the filling process to make filling for your refund easier and to prevent unnecessary delays.
Part of the changes include updating our database with your information.
Please ensure to carefully complete this verification to avoid hitches in processing your refund.
We have sent you an attachment, open it and follow the steps to verify your profile.
Phishing Example: DHL Express Document
January 15, 2016
Dear xxx@berkeley.edu
Your parcel (shipping document) arrived at the post office. Here is your Shipping Document/Invoice and copy of DHL receipt for your tracking which includes the bill of lading and DHL tracking number, the new Import/Export policy supplied by DHL Express. Please kindly check the attached to confirm accordingly if your address is correct, before we submit to our outlet office for dispatch to your destination.
Label Number: E727D5151D
Class: Package Services
Service(s): Delivery Confirmation
Status: eNotification sent
Find attached the full statement information and a full list of outstanding Invoices.
Your item will arrive in two (2) days time, and within the agreed credit term as stated on your Invoice.
We would like to thank you for using the services of DHL Express.
Read the enclosed file for details.
Phishing Example: "Paperless W2"
January 6, 2016
Dear: Account Owner,
Our records indicate that you are enrolled in the University of California paperless W2 Program. As a result, you do not receive a paper W2 but instead receive e-mail notification that your online W2 (i.e. "paperless W2") is prepared and ready for viewing.
Your W2 is ready for viewing under Employee Self Service. Logon at the following link:
Click Here to Logon
If you have trouble logging in to Employee Self Service at the link above, please contact your Payroll Department for support.
If you would like to un-enroll in the Paperless W2 Program, please logon to Employee Self Service at the link above and go to the W2 Delivery Choice webpage and follow the instructions.
Phishing Example: Spear Phishing Attack "Articles"
January 2, 2016
Dear Dr.
Phishing Example: PayPal Forgery
January 1, 2016
Pay.service Secure
Dear Client,
Recently, your account was reviewed and flagged because of a potential connection to some fraudulent transactions. To avoid an eventual restriction to your account, please verify your informations by logging in to our Litigations manager.
Phishing Example: UCB-HR "Your New Salary Notification"
December 10, 2015
Hello, You have an important email from the Human Resources Department with regards to your December 2015 Paycheck
This email is enclosed in the Marquette University secure network, hence access it below
Access the documents here
***Ensure your login credentials are correct to avoid cancellations**
Faithfully
Human Resources
University of California, Berkeley