These are targeted and simple forms of phishing emails designed to get victims to click on a fake Google Docs link that contains malicious content.
Tips if Something Seems Off:
Double-check the email address before responding
Look to make sure the email address is correct. In Gmail hover your mouse over the sender name for the email to display. On a mobile phone or a touchscreen, press and hold the link (don't tap!) to reveal the actual URL. (Look in the bottom left corner of the browser window.) Don't click on a link unless it goes to a URL you trust.
Follow up with the sender separately
If you didn’t expect it, reject it. Or follow-up with the individual directly in a separate email or call/text to confirm.
Report and/or flag it
-
Open the message
-
To the right of 'Reply' arrow
-
Select 'More' (typically denoted with three vertical dots)
-
Then 'Report phishing'
If you are unable to log into bMail, forward the message to phishing@berkeley.edu For more information visit https://security.berkeley.edu/resources/phishing
Examples of these types of attacks include:
Original Message:
RE: at the office From: Gabriella Finley <postmaster@m.withgolfinmind.com> To: user@uhs.berkeley.edu Subject: RE: at the office Date: Mon, 2 Nov 2020 20:47:30 +0000 , I will come to Uc Regents; soon and send your request about 2 weeks of vacation and payments to you. Very sorry. Open this recourse to preview the document (if the link doesn't work, copy it and paste to browser): hxxps://docs.google.com/document/d/e/2PACX-1vQeBPGXB5xGJ9m7RA7RGTEFgpWSAbr-nlOeOYerk4PG0IM_-6b148qM8RUERKw1GhKG5Z5rQpiUaSEF/pub Outsourcing director notice