May 20, 2016
What makes this a Phishing message?
The header information is missing from this message, so there is not much here that might help identify this email as fraudulent. A couple of clues do stand out:
- Instructions from IT Support or Security requesting for you to click on a link and enter credentials to prevent your access from expiring is a very common ploy to trick users into exposing their account name and password. Don't fall for it.
- The URL link is highly suspicious and dangerous:
- The top-level domain of the host "bcourses.berkeley.cnea.gq" is from Equatorial Guinea.
- The long list of characters following "login" is unusual and should alert the recipient that something is amiss.
- The URL link leads to a login page that looks exactly like the Calnet login - but it is a fake that is designed to steal your account name and password.
- If you search the campus directory, you will find there is no Mary Patel in Security.
Original Message:
|
Dear User, This message is to inform you that your access to bCourses will soon You need to reactivate it just by logging in through the following URL. A If you are not able to login, please contact Mary Patel at mpatel@berkeley.edu for immediate Sincerely, Mary Patel |
