What makes this a phishing message?
This very simple, but effective, targeted phishing scam used a fake job offer to establish rapport with recipients and collect personal information.
There are a few clues that the message is a forgery:
- The criminal is sending from a gmail.com account instead of an @berkeley.edu address
- The criminal claims to have gotten the recipient's information from a Berkeley database despite being unaffiliated with UC Berkeley
Tips if Something Seems Off:
Double-check the email address before responding
Look to make sure the email address is correct. In Gmail hover your mouse over the sender name for the email to display. On a mobile phone or a touchscreen, press and hold the link (don't tap!) to reveal the actual URL. (Look in the bottom left corner of the browser window.) Don't click on a link unless it goes to a URL you trust.
Follow up with the sender separately
If you didn’t expect it, reject it. Or follow-up with the individual directly in a separate email or call/text to confirm.
Report and/or flag it
From: Ron Pierson <firstname.lastname@example.org>
Subject: **WORK FROM HOME*
Date: *6 September 2021, 14:35:43 CDT
We got your contact through your school database and I'm happy to inform
you that our reputable company Cisco Systems Inc® is currently running a
student empowerment program. This program is to help devoted and
hardworking students secure a part time job which does not deter them
from doing any other, you just need a few hours to do this weekly and
with an attractive weekly wages.
KINDLY EMAIL BACK WITH YOUR PERSONAL EMAIL ADDRESS IF INTERESTED IN THIS
Cisco Systems Inc®