News

All News

September 10, 2021

PHISHING EXAMPLE: WORK FROM HOME / BERKELEY PAID JOB OFFER
Dear Student, We got your contact through your school database and I'm happy to inform you that our reputable company Cisco Systems Inc® is currently running a student empowerment program. This program is to help devoted and hardworking students secure a part time job which does not deter them from doing any other, you just need a few hours to do this weekly and with an attractive weekly wages. KINDLY EMAIL BACK WITH YOUR PERSONAL EMAIL ADDRESS IF INTERESTED IN THIS JOB POSITION.
PHISHING EXAMPLE: WORK AFTER CLASSES OFFER ($500 WEEKLY SALARY)
Hello, Are you currently in the US? Here is an opportunity for you to work part time after classes and earn $500 weekly. The job is completely done online and can be completed anytime in the evening/night at home and won't take much of your time daily, you don't have to be online all day and don't need any professional skill to do the job, all you need is just come online before going to bed to forward all order of the day made by agents to the supplier and you are done for the day.
PHISHING EXAMPLE: student email directly
Hi Student, I am Dr Ralph Abraham, I feel comfortable discussing this WORK- STUDY opening with you since you were referred by the university chamber of commerce. I am very busy, that is why I have asked for your help as my temporary personal assistant. I provide individual and group therapy, coaching, assessment and many University students with academic difficulties and no prior diagnosis are seen and assessed through the academic screening and assessment process.

September 9, 2021

WEX/Discovery Benefits Email

The UC Office of the President has notified us that UC employees received an email yesterday from WEX Health (formerly Discovery Benefits) alerting them to a change in the profile information in their online WEX account. You do not need to respond to their message. This change was made in error and is being corrected. Please note that the error is not the result of a security breach and UC employee data has not been compromised.

August 18, 2021

PHISHING EXAMPLE: Attention: website.berkeley.edu DMCA Copyright Infringement Notice
Hello! My name is Shafaq. Your website or a website that your company hosts is infringing on a copyright-protected images owned by myself. Take a look at this document with the links to my images you used at website.berkeley.edu and my earlier publications to get the evidence of my copyrights. Download it right now and check this out for yourself: hxxps://sites.google.com/view/a0hf49gj29g-i4jb48n5/drive/folders/shared/1/download?ID=308682351554855915 I believe you have willfully infringed my rights under 17 U.S.C. Section 101 et seq. and could be liable for statutory damages as high as $150,000 as set forth in Section 504(c)(2) of the Digital Millennium Copyright Act (”DMCA”) therein.

July 27, 2021

MacOS, iPadOS, and iOS Local Privilege Escalation Vulnerability (CVE-2021-30807)
A software update was released fixing a local privilege escalation vulnerability affecting MacOS, iPadOS, and iOS. A proof of concept exploit has been publicly released and Apple reports this vulnerability is currently being exploited.

July 12, 2021

PHISHING EXAMPLE: Research Assistant
Berkeley University of California is seeking an Research Assistant / services of a competent Undergraduate Student Administrative Assistant to work Part-time and get paid $350 weekly. Tasks will be carried out remotely. If interested, Do text your name to (808) 378-1179 so as to proceed Bernhard Boser Professor, (808) 378-1179. 490A Cory Hall

May 26, 2021

PHISHING EXAMPLE: UPDATE REQUIRED ON @berkeley.edu
Outgoing Mail Error Due to server error, 6 new mails you sent from recipient@berkeley.edu are stucked in berkeley.edu Release below to re-send all stuck emails to the destination boxes. Release Emails This is a mandatory berkeley.edu webmail service sent to recipient@berkeley.edu

May 19, 2021

PHISHING EXAMPLE: DC Dox
matbrown19732@gmail.com has shared the following document: DC.docx [image: Unknown profile photo]Jim Knowlton shared a file with you Open matbrown19732@gmail.com is outside your organization. Google Drive: Have all your files within reach from any device. Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA [image: Logo for Google Drive]
PHISHING EXAMPLE: Account Suspension Request
Access to recipient@berkeley.edu will be suspended as per request received by admin at 5/12/2021 11:21:48 p.m. UTC. If you would like to cancel this request you may proceed below. *Cancel Now * Best Regards,
PHISHING EXAMPLE: Lab Report
This is to inform you that your laboratory result is ready. You can access your results via the following link: https://results.pmhlaboratoXXXXXXXXX.html(link is external) You must provide your NAME and DATE OF BIRTH in addition to the following code in order to see the report: POP UP BLOCKERS MUST BE DISABLED TO DOWNLOAD PDF REPORTS Patient Initials: A.B. Access code: 8625150102

May 18, 2021

PHISHING EXAMPLE: You recently made a request to deactivate email.
Dear Customer, You recently made a request to deactivate email. This request will be processed shortly. If you did not make this request, cancel the request now. Cancel Deactivation If you do not cancel this request, your account will be deactivated and all your email data will be lost. Sincerely, Your berkeley.edu Internet Team

April 16, 2021

Why Reusing Passwords is a Bad Idea

"I have a really great passphrase, it's long and easy to remember, so I use it on all my accounts."

Sound familiar? Why is it so hard for us to abandon this idea that reusing passphrases is a bad idea? Well, we're humans and humans tend to rationalize to confirm our decisions. "What are the chances that someone will get my password and compromise my account, I mean, will that really happen to me?" Well, it turns out it does - and more frequently that you might imagine.

April 5, 2021

UC Email Security Incident Notice

Updated May 11, 2021:

UCOP Notice to UC Community: https://ucnet.universityofcalifornia.edu/data-security/index.html

Updated Apr. 15, 2021:

March 31, 2021

IRS Warning of Impersonation Attacks Targeting Universities

Mar. 31st - The Internal Revenue Service issued a warning of an ongoing IRS-impersonation scam that appears to primarily target educational institutions, including students and staff who have ".edu" email addresses. The phishing emails appear to target university and college students from both public and private, profit and non-profit institutions.

The fraudulent email displays the IRS logo and uses various subject lines such as "Tax Refund Payment" or "Recalculation of your tax refund payment." It asks people to click a link and submit a form to claim their refund. 

February 19, 2021

PHISHING EXAMPLE: UPDATE EMAIL: Don't lose access to your account!!
Security Notice! Dear XXXX, Our security system has detected some irregular activity connected to your account. you will be unable to send and recieve emails until this issue has been resolved CLICK HERE TO VALIDATE NOW To prevent further irregular activity we will restrict access to your account within 72 hours if you did not validate your account. *Note:* Mail Administrator will always keep you posted of security updates. Mail Admin

February 11, 2021

Microsoft Patches for CVE-2021-24074 and CVE-2021-24094
This month Microsoft released patches for multiple serious vulnerabilities in the Windows TCP/IP network stack (including CVE-2021-24074, CVE-2021-24094)[1,2]. These vulnerabilities can allow for remote code execution. Additionally, Microsoft appears to have released patches for Windows 7 and Windows Server 2008 which are officially no longer supported.

January 26, 2021

Buffer Overflow in Sudo - Root Privilege Escalation Vulnerability (CVE-2021-3156)
A serious heap-based buffer overflow has been discovered in sudo that is exploitable by any local user. The flaw can be leveraged to elevate privileges to root, even if the user is not listed in the sudoers file. User authentication is not required to exploit the flaw. Researchers have developed working exploits against Ubuntu, Debian, and Fedora Linux distributions. Other UNIX-based operating systems and distributions are also likely to be exploitable. [1] [2]

November 30, 2020

Phishing Example: 2020 FACULTY EVALUATION
Google Forms Jim Knowlton invited you to fill out a form: 2020 FACULTY EVALUATION Designed for Microsoft and Office 365 users only FILL OUT FORM hxxps://docs.google.com/forms/d/e/1FAIpQLSfUCvno3DdViZI24_kfsFi7EPalW7aAMJIAZvsGCzvvrQX_Ew/viewform?vc=0&c=0&w=1&flr=0&usp=mail_form_link Create your own Google Form
Phishing Example: ELIGIBILITY AND ASSESSMENT
Google Forms Jim Knowlton has shared a file with you using one drive. ELIGIBILITY AND ASSESSMENT Designed for Microsoft and office 365 users only FILL OUT FORM hxxps://docs.google.com/forms/d/e/1FAIpQLSd2hyLMl01_lJ9NG2Aj4QxXJrQ1ChJ42W0Ubx-FHIu8iT4QSA/viewform?vc=0&c=0&w=1&flr=0&usp=mail_form_link Create your own Google Form