PHISHING EXAMPLE: English Dept. (Prof. Duncan) Job Offers

January 19, 2022

What makes this a phishing message?

This very simple, but effective, targeted phishing scam used the name of an actual Berkeley professor to send out a call for research assistant work, with the intention of stealing money from the victims.

There are a few clues that the message is a forgery:

  • The criminal is sending from a gmail.com account instead of an @berkeley.edu address
    • a sample of the emails used: 

powelm538@gmail.com
raymond.incorporation@gmail.com
lindashaw604@gmail.com
westwoodlopez74@gmail.com
ian137082@gmail.com
iand30578@gmail.com
kimchang702@gmail.com
wdenis440@gmail.com
officialduncan02@gmail.com
valleepearls@gmail.com
ian373485@gmail.com
ianduncan432@gmail.com
duncanian925@gmail.com
ian373485@gmail.com
raymond.incorporation@gmail.com

  • The criminal also used several different subject lines including:

University of California
University of California Berkeley
ONLINE ASSISTANT IS NEEDED $500 WEEKLY!
VACANCY $400 WEEKLY
Re: RA position
Re: Research position
Re: Student RA Application
Urgent Reply Is needed

Remember: 

  • If you receive an email containing a message that you did not expect, especially with words like "Urgent" or "Response Needed" do not engage. 
  • If the email is unsolicited and offers money, do not engage.
  • If you are ever unsure if an email is legitimate, please reach out to phishing@berkeley.edu

If you have received one of these messages and shared correspondence with the scammer, we recommend that you cease correspondence immediately and contact UCPD if there have been any financial transactions.

Original Message:

From: Various
Subject: Various 

University of California, Berkeley. Dept English urgently requires the
services of student research assistants to work remotely and get paid $
350 weekly.

The research position is open to students from any department of the
institution and tasks can be carried out remotely.
To proceed with the application process, contact Dr.Ian Duncan on
(415)763-5246* via text message stating your full name, email address,
year of study, and department to receive the job description and further
application requirements.

Best regards

Ian Duncan(Professor)

English Department
University of California, Berkeley

*Alternate phone number used:
contact Dr.  Ian Duncan on  (408) 389-0149

Return to The Phish Tank or Phishing Examples Archive

Topics

Warning:  The links and email addresses included in these messages are from real-life examples, do not attempt to explore them.

The most dangerous links have been removed - you can hover your cursor over these links to see the original address in a pop-up techtip (instead of in the corner of the browser window).

How to report phishing:

  • Open the message

  • To the right of 'Reply' arrow

  • Select 'More' (typically denoted with three vertical dots)

  • Then 'Report phishing'

If you are unable to log into bMail, forward the message to phishing@berkeley.edu