Phishing Examples

Phishing Example: Evaluation of UCRP Benefits for University of California, Berkeley

July 5, 2020
Employee Crook, Each year, as an employee of University of California, Berkeley you are eligible to schedule a phone call, teleconference, or in-person meeting off campus with a representative for answers to your specific state, federal and individual retirement benefit questions. At your consultation you will be provided with information on what your expected income will be from UCRP when you retire, and how much longer you will have to work. You will also receive advice on the best ways to utilize your 401(a) options with your UCRP and/or Social Security benefits. *Please be sure to indicate which type of appointment you prefer (off-campus, phone call, or teleconference) in the notes section while scheduling. Please also include your direct cell phone number.*

Phishing Example: (ITCS Notification:) Account Irregular Activity Detected [INC1147653]

September 3, 2020
UC Berkeley | IT Client Services Hello, This is an automated official communication from Berkeley IT Client Services Ticket system in reference to the incident number below. Ticket INC1147653 has been created from the recent activities in your CalNet - ID credentials. ITCS system have detected an irregular activity related to your UC Berkeley CalNet ID credentials. As a precautionary measure, we will temporary block your account and should be moving it to our backup server but we need your help to do this effectively otherwise you may lose your login information and data at the end of the Duo Account Migration & Quarantine clean-up process.

Phishing Example: Security Notice - Fix Security Info Now

September 4, 2020
Dear berkeley.edu member, As a precautionary measure we have restricted access to your account until your validate has been changed . To prevent further irregular activity, you will be unable to send out any emails unties issue has been resolved To fix security info, click below to validate.

Phishing Example: BERKELEY UNIVERSITY WORK FROM SCHOOL OR HOME PART TIME FALL 2020

October 5, 2020
Dear student! I'm Professor Douglas Ignacio. Senior Policy Advisor at the Student Unemployment Assistance Program (SUAP).SUAP is committed to provide significant benefits for students who are currently unemployed or who lost their jobs due to COVID-19 Pandemic to have equal right and opportunity, to be economically self-sufficient, and to earn and save without jeopardizing access to the services and supports that allow them to live and work independently. You have received this email because you have an offer from the University Education Department Office for unemployed students to work with me as my temporary Online Virtual Assistance. typical Duties: You will only help me mail letters if need be, make online bill payments and sometimes at the retail stores, purchase some items when necessary. You

Phishing Example: 2020 FACULTY EVALUATION

November 30, 2020
Google Forms Jim Knowlton invited you to fill out a form: 2020 FACULTY EVALUATION Designed for Microsoft and Office 365 users only FILL OUT FORM hxxps://docs.google.com/forms/d/e/1FAIpQLSfUCvno3DdViZI24_kfsFi7EPalW7aAMJIAZvsGCzvvrQX_Ew/viewform?vc=0&c=0&w=1&flr=0&usp=mail_form_link Create your own Google Form

Phishing Example: RE: staff opinion

November 30, 2020
Good day, Please, answer the questions Employee Survey – it won`t take long. Waiting for you to go through this survey ASAP. You can find the survey here: hxxps://docs.google.com/document/d/e/2PACX-1vSjKdTddXL-psR2rYotGSJuwOeBHUKkulbrhy78PHX6VtdJWFurH9mEmeV8PLVm1t4P5W0msKzpCg3N/pub HR Department Analyst Uc Regents;

PHISHING EXAMPLE: DC Dox

May 19, 2021
matbrown19732@gmail.com has shared the following document: DC.docx [image: Unknown profile photo]Jim Knowlton shared a file with you Open matbrown19732@gmail.com is outside your organization. Google Drive: Have all your files within reach from any device. Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA [image: Logo for Google Drive]

PHISHING EXAMPLE: UPDATE EMAIL: Don't lose access to your account!!

February 19, 2021
Security Notice! Dear XXXX, Our security system has detected some irregular activity connected to your account. you will be unable to send and recieve emails until this issue has been resolved CLICK HERE TO VALIDATE NOW To prevent further irregular activity we will restrict access to your account within 72 hours if you did not validate your account. *Note:* Mail Administrator will always keep you posted of security updates. Mail Admin

Phishing Example: RE: at the office

November 30, 2020
, I will come to Uc Regents; soon and send your request about 2 weeks of vacation and payments to you. Very sorry. Open this recourse to preview the document (if the link doesn't work, copy it and paste to browser): hxxps://docs.google.com/document/d/e/2PACX-1vQeBPGXB5xGJ9m7RA7RGTEFgpWSAbr-nlOeOYerk4PG0IM_-6b148qM8RUERKw1GhKG5Z5rQpiUaSEF/pub Outsourcing director notice

PHISHING EXAMPLE: You recently made a request to deactivate email.

May 18, 2021
Dear Customer, You recently made a request to deactivate email. This request will be processed shortly. If you did not make this request, cancel the request now. Cancel Deactivation If you do not cancel this request, your account will be deactivated and all your email data will be lost. Sincerely, Your berkeley.edu Internet Team