Email Impersonation Attacks Are on the Rise

January 11, 2019

A widely reported spear phishing scam, termed “Business Email Compromise (BEC),” has been targeting universities and other academic institutions. These attacks impersonate someone you know in an attempt to gain access to sensitive information or to encourage you to transfer funds or provide gift cards. There has been an increase in these attacks across the University this new year.

Messages tend to come from an account mimicking a known sender. They can start out as basic greetings, then progress to requests for money or data. Since the content is highly personalized, it’s often easy to get hooked.

Tips if Something Seems Off:

Double-check the email address before responding

Look to make sure the email address is correct. In Gmail, hover your mouse over the sender name to display the email address. And if you are on a mobile phone? Wait until you can get to a computer.

Follow up with the sender separately

If you didn’t expect it, reject it. Or follow up with the individual directly in a separate email or call/text to confirm.

Report and/or flag it

To flag it in bMail, open the message and, next to Reply, click the three dots and select "Report phishing". Not sure if it's a phish? Email us at consult@berkeley.edu or call 510 664-9000. For more information, visit https://security.berkeley.edu/resources/phishing

Examples of these types of attacks include:

 

Original Message:

From:  XXX.subdomain.berkeley.edu@gmail.com
Subject:  vendor payment
To:  xxxxx@berkeley.edu

Are you around? I need to pay a vendor with the blucard.



<Name Removed>
University of California, Berkeley

Original Message (Additional Example):

From:  XXX.subdomain.berkeley.edu
Subject:  Quick question
To:  xxxxx@berkeley.edu

I'm in a meeting and need help getting some Amazon Gift Cards



<Name Removed>
University of California, Berkeley
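
The "double-check the email address" tip, applied to the From lines of the two sample messages above. This is an added example, not part of the original notice or any campus tooling; the function name, verdict labels and the constructed sample addresses are assumptions.

```python
from email.utils import parseaddr

ORG_DOMAIN = "berkeley.edu"  # the organization's real domain, from the notice


def classify_sender(from_header, org_domain=ORG_DOMAIN):
    """Return (verdict, reason) for a raw From header value."""
    display, addr = parseaddr(from_header)
    addr = addr.strip().lower()
    org = org_domain.lower()
    # No single "@" means there is no domain to verify at all.
    if addr.count("@") != 1:
        return "suspicious", "no usable address to verify"
    local, domain = addr.split("@")
    if domain == org or domain.endswith("." + org):
        return "internal", "sent from " + domain
    # From here on the real domain is external; flag any use of the
    # organization's domain as decoration around it.
    if org in local:
        return "suspicious", "org domain in local part, real domain is " + domain
    if org in display.lower():
        return "suspicious", "org domain in display name, real domain is " + domain
    if org in domain:
        return "suspicious", "org domain embedded in look-alike domain " + domain
    return "external", "sent from " + domain


# From values: the first two are the samples in this notice, the rest are constructed.
SAMPLES = [
    "XXX.subdomain.berkeley.edu@gmail.com",
    "XXX.subdomain.berkeley.edu",
    '"Jane Doe berkeley.edu" <jdoe@example.com>',
    "billing@berkeley.edu.example.com",
    "xxxxx@berkeley.edu",
    "vendor@example.org",
]

if __name__ == "__main__":
    for value in SAMPLES:
        verdict, reason = classify_sender(value)
        print(f"{verdict:10} {value}  ({reason})")
```

An "internal" verdict only says the visible address is on the right domain; following up with the sender separately, as advised above, still applies to unexpected requests.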