The Phish Tank

Phishing Impersonation

Welcome to the "Phish Tank"

This page highlights examples of phishing emails received on campus. These examples are intended to educate every Berkeley email user on how to spot a phish. If you receive an email not listed here and that seems suspicious, report it via the methods listed above. For more tips on avoiding phish, visit our Fight the Phish page.

How to report phishing:

  • Open the message

  • To the right of 'Reply' arrow

  • Select 'More' (typically denoted with three vertical dots)

  • Then 'Report phishing'

If you are unable to log into bMail, forward the message to phishing@berkeley.edu

Fake: One of Your Students has Covid Phish

November 12, 2024

This fake email was sent to a number of teaching faculty members, alerting them falsely that they were exposed to a student in class with Covid.

What makes this a phishing message?

This targeted phishing scam pretending to be a UC WarnMe Health alert.

This targeted phishing scam...Read more about Fake: One of Your Students has Covid Phish

Fake: Phony Docusign Termination Email

October 1, 2024
What makes this a phishing message?

This email has been specifically targeting UC Berkeley Executives and asks them to click a link and enter their credentials to review an employee termination agreement.

Tips if Something Seems Off:

The sender name indicates an official Docusign like...Read more about Fake: Phony Docusign Termination Email

Fake: New Sextortion Scam with Geolocation Data

October 1, 2024
What makes this a phishing message?

This is a classic 'sextortion' hoax from a random GMail email address.

https://www.bbb.org/article/news-releases/20517-scam-alert-beware-of...Read more about Fake: New Sextortion Scam with Geolocation Data

Fake: URGENT: COVID-19 Variant Case Alert

July 3, 2024

This phony potential Covid contact alert was received by many users sent to their Campus bMail accounts.

What makes this a phishing message?

This targeted phishing scam is using a fake UC Berkeley email address

From: UC Berkeley Alerts <...Read more about Fake: URGENT: COVID-19 Variant Case Alert

PHISHING EXAMPLE: Phony Email confirmation Text Message

June 11, 2024

This fake email termination notification was received by many users on their personal cell phone numbers via text message.

What makes this a phishing message?

This targeted phishing scam is pretending to be a UC Berkeley technician and uses urgency and fear to cause the recipients...Read more about PHISHING EXAMPLE: Phony Email confirmation Text Message

PHISHING EXAMPLE: Fraudulent 'Broken Lab Equipment' Scam

January 30, 2024
What makes this a phishing message?

This targeted phishing scam impersonates the UC Berkeley faculty member or campus lab manager.

This email is sent to the parents of a student working in a campus lab. It invents a phony 'accident' that damaged an expensive piece of lab equipment and...Read more about PHISHING EXAMPLE: Fraudulent 'Broken Lab Equipment' Scam

Fake DUO Authentication Request

October 9, 2023
What makes this a phishing message?

This targeted phishing scam impersonates the UC Berkeley Duo Admin to create fear to cause the recipients to act, scanning the QR code which leads to a malicious link.

This targeted phishing scam uses urgency and fear to cause the recipients to act,...Read more about Fake DUO Authentication Request

PHISHING EXAMPLE: Phone Fraud, Chinese Consulate

February 8, 2023
If you are unable to log into bMail, forward the message to phishing@berkeley.edu. For more information visit https://security.berkeley.edu/resources/phishingRead more about PHISHING EXAMPLE: Phone Fraud, Chinese Consulate

Students: Beware of employment scams via email

December 7, 2023

Every year, students at UC Berkeley are scammed out of thousands of dollars via fake employment offers. Beware of unsolicited emails, phone calls, texts or even facebook messages offering internship or employment...Read more about Students: Beware of employment scams via email

PHISHING EXAMPLE: Email Account Removal

May 6, 2022
Dear recipient We have received your cancellation request and you are no longer subscribed to security.berkeley.edu If you did not request cancellation, kindly click below to reactivate your account.Read more about PHISHING EXAMPLE: Email Account Removal

PHISHING EXAMPLE: CAUTION : eMail Account Block

May 6, 2022
Attention recipient , We have received your request to terminate your email account below, and the request will be concluded within 12hours from now.Read more about PHISHING EXAMPLE: CAUTION : eMail Account Block

PHISHING EXAMPLE: Norton

February 15, 2022
Welcome Subscriber; Your Annual membership for NORTON 360 TOTAL PROTECTION has been renewed and updated successfully. The amount charged will be reflected within the next 24 to 48 hrs on your profile of account. Product Information: INVOICE NO. @ GGH1644259106OV ITEM NAME @ NORTON 360 TOTAL...Read more about PHISHING EXAMPLE: Norton