PHISHING EXAMPLE: CAUTION : eMail Account Block

May 6, 2022

What makes this a phishing message?

This targeted phishing scam uses urgency and fear to cause the recipients to act, exposing their personal information. 

Tips if Something Seems Off:

Double-check the email address before responding

Look to make sure the email address is correct. In Gmail hover your mouse over the sender name for the email to display. On a mobile phone or a touchscreen, press and hold the link (don't tap!) to reveal the actual URL. (Look in the bottom left corner of the browser window.) Don't click on a link unless it goes to a URL you trust.

Follow up with the sender separately

If you didn’t expect it, reject it. Or follow-up with the individual directly in a separate email or call/text to confirm.

Report and/or flag it

  • Open the message

  • To the right of 'Reply' arrow

  • Select 'More' (typically denoted with three vertical dots)

  • Then 'Report phishing'

If you are unable to log into bMail, forward the message to phishing@berkeley.edu For more information visit https://security.berkeley.edu/resources/phishing

Original Message:

Sender

Action Required

eMail Account Block

                                           Closing Of Email Address Notice!

Attention recipient ,

We have received your request to terminate your email account below,
and the request will be concluded within 12hours from now.

Affected Email
Account Details
Domain :        berkeley.edu
User      :                     [recpiient calnet ID]
Email    :
recipient@berkeley.edu
Time     :      4/28/2022 1:23:22 a.m.

   CANCEL REQUEST HERE  

)hxxps://firebasestorage.googleapilt=xxxxxxxxrecipientd@berkeley.edu)

If you did not make this request or you made it by mistake or
unknowingly, quickly take action above to stop this email termination
process, but if you made this request kindly ignore this message as this
account will be terminated soon.


Note:  If you fail to cancel this process above, we advise you to backup
your mails and contacts as you will lose all your messages and contacts
when this email "xxxx@berkeley.edu" account termination is concluded.
©berkeley.edu

Source: Administrator Support ©2022 Cyber security dept
The information contained in or attached to this communication is
intended solely for the use of the individual or entity to whom it is
addressed and others authorized to receive it. It may contain
confidential or legally privileged information. If you are not the
intended recipient you are hereby notified that any disclosure, copying,
distribution or taking any action in reliance on the contents of this
information is strictly prohibited and may be unlawful. If you have
received this communication in error, please notify me immediately by
responding to this email and then delete it from your system. We are
neither liable for the proper and complete transmission of the
information contained in this communication nor for any delay in its
receipt.

Return to The Phish Tank or Phishing Examples Archive

Topics

Warning:  The links and email addresses included in these messages are from real-life examples, do not attempt to explore them.

The most dangerous links have been removed - you can hover your cursor over these links to see the original address in a pop-up techtip (instead of in the corner of the browser window).

How to report phishing:

  • Open the message

  • To the right of 'Reply' arrow

  • Select 'More' (typically denoted with three vertical dots)

  • Then 'Report phishing'

If you are unable to log into bMail, forward the message to phishing@berkeley.edu