Emails Can Be Spoofed
Email spoofing is the creation of email messages with a forged sender address. Often these phishing emails will come from names you know, or are familiar with and have an urgent request. Some may demand that you "update your account information" or "login to confirm ownership of your account".
Attackers may also set up web sites under their control that look and feel like legitimate web sites. If you enter your credentials into these illegitimate websites, you are sending your username and password directly to the attackers. Stop and look at the email address before you reply and don't click any unexpected links or attachments.
To keep you and your information safe:
- Keep personal information out of the public eye
- Remember to keep your guard up
- Float over links and addresses to reveal the truth
- Join the fight by reporting phishing attacks
Dodge their attacks—and counter—by reporting it:
Using the bMail web interface:
- Open the message
- To the right of 'Reply' arrow, select 'More' (typically denoted with three vertical dots)
- Then 'Report phishing'
If you are unable to log into bMail forward the message to phishing@berkeley.edu
