Phishing Example: BERKELEY UNIVERSITY WORK FROM SCHOOL OR HOME PART TIME FALL 2020

October 5, 2020

These are targeted and simple forms of phishing emails designed to get victims to interact and establish a rapport. The messages start out as basic greetings or job opportunities and then progress into requests for money or data.

Tips if Something Seems Off:

Double-check the email address before responding

Look to make sure the email address is correct. In Gmail hover your mouse over the sender name for the email to display. On a mobile phone or a touchscreen, press and hold the link (don't tap!) to reveal the actual URL. (Look in the bottom left corner of the browser window.) Don't click on a link unless it goes to a URL you trust.

Follow up with the sender separately

If you didn’t expect it, reject it. Or follow-up with the individual directly in a separate email or call/text to confirm.

Report and/or flag it

  • Open the message

  • To the right of 'Reply' arrow

  • Select 'More' (typically denoted with three vertical dots)

  • Then 'Report phishing'

If you are unable to log into bMail, forward the message to phishing@berkeley.edu For more information visit https://security.berkeley.edu/resources/phishing

Examples of these types of attacks include:

Original Message:

---------- Forwarded message ---------
From: Winters, Morgan R <[email redacted]@siu.edu>

Subject: BERKELEY UNIVERSITY WORK FROM SCHOOL OR HOME PART TIME FALL 2020

Dear student!

I'm Professor Douglas Ignacio. Senior Policy Advisor at the Student
Unemployment Assistance Program (SUAP).SUAP is committed to provide
significant benefits for students who are currently unemployed or who lost
their jobs due to COVID-19 Pandemic to have equal right and opportunity, to
be economically self-sufficient, and to earn and save without jeopardizing
access to the services and supports that allow them to live and work
independently. You have received this email because you have an offer from
the University Education Department Office for unemployed students to work
with me as my temporary Online Virtual Assistance. typical Duties: You will
only help me mail letters if need be, make online bill payments and
sometimes at the retail stores, purchase some items when necessary. You
will be paid in advance for all tasks and purchases done on my behalf. I am
off campus at the moment. Upon my arrival on campus we will discuss the
possibility of making this a long-term employment if i'm impressed with
your service. Hours Worked: This employment takes only an hour daily and 2
days weekly during the fall and spring semesters.


Compensation: $450/Week. To Apply : Please forward all applications
including Full name, Address, Alternate email (different from school email)
and mobile number Attached Resume( Its okay if you do not have resume to
attach). Please its highly important that you reply and send above
information to my personal email address ([email redacted]@gmail.com) so i can
respond back to you immediately.

Return to The Phish Tank or Phishing Examples Archive

Topics

Warning:  The links and email addresses included in these messages are from real-life examples, do not attempt to explore them.

The most dangerous links have been removed - you can hover your cursor over these links to see the original address in a pop-up techtip (instead of in the corner of the browser window).

How to report phishing:

  • Open the message

  • To the right of 'Reply' arrow

  • Select 'More' (typically denoted with three vertical dots)

  • Then 'Report phishing'

If you are unable to log into bMail, forward the message to phishing@berkeley.edu