Phishing Example: URGENT REQUEST (Email Impersonation)

June 30, 2020

Below is a widely used spear phishing scam, termed “Business Email Compromise (BEC)" or otherwise known as CEO Fraud. These attacks are spear phishing scams designed to impersonate someone you know in an attempt to gain access to sensitive information or to encourage you to transfer funds or provide gift cards. 

Tips if Something Seems Off:

Double-check the email address before responding

Look to make sure the email address is correct. In Gmail hover your mouse over the sender name for the email to display. On a mobile phone or a touchscreen, press and hold the link (don't tap!) to reveal the actual URL. (Look in the bottom left corner of the browser window.) Don't click on a link unless it goes to a URL you trust.

Follow up with the sender separately

If you didn’t expect it, reject it. Or follow-up with the individual directly in a separate email or call/text to confirm.

Report and/or flag it

To flag it in bMail open the message and next to Reply click the three dots and select "Report phishing". Not sure if it's a phish? Email sends e-mail) or call 510 664-9000. For more information visit

Examples of these types of attacks include:

Original Message:


Are you available ?

No calls text only 9513072XXX


Carol T Christ


Berkeley University of California

Original Message (Additional Examples):

Subject:  Quick question

I'm in a meeting and need help getting some Amazon Gift Cards

<Name Removed>
University of California, Berkeley

Subject:  URGENT REQUEST: What number can I text you at?


<Name Removed>
University of California, Berkeley

Warning:  The links and email addresses included in these messages are from real-life examples, do not attempt to explore them.

The most dangerous links have been removed - you can hover your cursor over these links to see the original address in a pop-up techtip (instead of in the corner of the browser window).

How to report phishing:

  • Open the message

  • To the right of 'Reply' arrow

  • Select 'More' (typically denoted with three vertical dots)

  • Then 'Report phishing'

If you are unable to log into bMail, forward the message to