These are targeted and simple forms of phishing emails designed to get victims to click on a link that contains malicious content or steals your credentials.
Tips if Something Seems Off:
Double-check the email address before responding
Look to make sure the email address is correct. In Gmail hover your mouse over the sender name for the email to display. On a mobile phone or a touchscreen, press and hold the link (don't tap!) to reveal the actual URL. (Look in the bottom left corner of the browser window.) Don't click on a link unless it goes to a URL you trust.
Follow up with the sender separately
If you didn’t expect it, reject it. Or follow-up with the individual directly in a separate email or call/text to confirm.
Report and/or flag it
-
Open the message
-
To the right of 'Reply' arrow
-
Select 'More' (typically denoted with three vertical dots)
-
Then 'Report phishing'
If you are unable to log into bMail, forward the message to phishing@berkeley.edu For more information visit https://security.berkeley.edu/resources/phishing
Examples of these types of attacks include:
Original Message:
From: Mathew Brown (via Google Drive) <drive-shares-dm-noreply@google.com>
Date: Mon, May 17, 2021 at 3:54 PM
Subject: DC.docx
To: recipient@berkeley.edu
matbrown19732@gmail.com has shared the following document:
DC.docx
<hxxps://drive.google.com/file/d/1HqQ9uvKO64OmzdVYk4Gxxxxxxxxxx>
[image: Unknown profile photo]Jim Knowlton shared a file with you
Open
<hxxps://drive.google.com/file/d/1HqQ9uvKO64OmzdVYk4Gxxxxxxx>
matbrown19732@gmail.com is outside your organization.
Google Drive: Have all your files within reach from any device.
Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA [image:
Logo for Google Drive] <hxxp://drive.google.com>