What makes this a Phishing message?
This message has been forged to appear to come from a real staff member in the Office of the Registrar, which, along with the "CONFIDENTIALITY NOTICE", gives it the appearance of a valid official message. There are a few strange items that stand out however:
- There is no recipient name in the "To:" field. That usually indicates that the message was "blind carbon-copied" to recipients and the sender is trying to hide something.
- The message is not specific about what "vital info" is being shared, this should seem very suspicious to the recipient if they were not expecting a message from the Office of the Registrar.
- Hold your cursor over the URL link and you will see that it is not really directed to Google Docs - it is actually a link to a fake Calnet login page where the user's account name and password can be intercepted.
(Nice touch adding the "consider the environment" note at the end of the message - very convincing coming from an @berkeley.edu address).
From: <sender's name removed>
CONFIDENTIALITY NOTICE: This e-mail and any transmitted files are private and confidential and are solely for the use of the recipient(s) to whom it is addressed. Any unauthorized review, use, disclosure, distribution or copying of this communication is strictly forbidden. If you have received this communication in error, please delete and immediately notify the sender via the e-mail return address. Thank you for your compliance.
Please consider the environment before printing this e-mail