We encourage the UC Berkeley community to take an active role in protecting themselves against phishing attacks. Use our helpful tips in our Fight the Phish campaign to recognize and report phishing attacks.
- If you are worried about an account, call the organization which maintains it (like your bank)
- Check the email address—does it really match the text of the email? Does it match the legitimate email of the organization it is supposed to be tied to?
- Check the security certificate of any website into which you are entering sensitive data. They should usually begin with https:// Some browsers will display padlock symbols in the address and status bars. Anything on a website saying it is safe can be falsified and is not verified by the browser you are using, and so shouldn’t be trusted
- Keep your software current
- Install antivirus software