Why is this a Phishing message?
This is actually a targeted phishing message, or "spear phishing" message. It was targeted to staff members at Berkeley and UCLA campuses and appeared to come from the UC Office of the President. The message was "spoofed" to appear to come from Janet Napolitano, requesting staff members to send a copy of their W2 form by email.
No campus official would ever request staff members to share their W2 forms through an unsecured medium, such as email.
|From: *Janet Napolitano* <President@ucop.edu>
Date: Mon, Feb 22, 2016 at 8:17 AM
Subject: 2015 W-2 statement
I need all our employee's reference copies of 2015 W-2 wages and tax
statement, i am working on a review and if you can work on the W2's and
have it sent to me as an attachment this morning that will be
splendid. Via email would be appropriate.