Cybersecurity Awareness

Multiple Phishing Attacks to Redirect Payroll in UCPath

May 15, 2025

We are seeing a spike in sophisticated tactics used to phish for credentials that are then used in concert with other methods to redirect direct deposit routing in UCPath.

These new tactics involve phishing emails, text messages, and highly accurate - but fake - UCPath websites.

What makes these phishing?

This targeted phishing scam impersonates the UC Berkeley Duo Admin to create fear and cause the recipients to act, scanning the QR code, leading to a malicious link.

This...

Education & Awareness

Toolkits

Home

Fake Debt Collection Google Doc Share

April 17, 2025

Unknown parties are sending fake Google Doc Shares with an urgent subject line. They usually refer to lawsuits or debt collection.

The bad actor is using the same Google Doc service, so the 'from' email will be the service email (via Google Drive)" <drive-shares-noreply@google.com>. The name of the sender

"Lаthаm & Wаtkins Dеbt ...

"MоrgɑnLеwis© - Suppоrt...

is made to sound official but is fake.

...

Security Tips for Travel

Traveling comes with certain data security risks. Using devices like laptops, tablets, or smartphones in unfamiliar locations can expose them to threats. Connecting to public networks in hotels and airports often lacks robust security, making them easy to target.

Consider adding the following data security safeguards to your travel checklist: before, during, and after your trip. If you have any questions about securing your data on your trip, email security@berkeley.edu.

If...

Jan 2025 bCourses Audit Attempts

January 22, 2025

An ineligible former Summer Session student is attempting to contact faculty directly and be added to many bCourses.

What makes this a phishing message?

In the Spring of 2024, a very similar incident occurred. The messages are usually send from an @gmail.com account, but may come from @berkeley.edu emails.

The reason for attempting to gain access to course materials seems unclear and the requests have come from both @berkeley.edu addresses and personal accounts like @gmail.com. Please remember that even if an email comes from a legitimate @berkeley.edu address, the sender...

Fake Electronic Payment ACH Message

April 9, 2025

Many bMail account holders have recently received fake messages indicating an ACH Payment or Electronic Fund transfer.

What makes this a phishing message?

This targeted phishing scam pretending to be a UC Berkeley technician. This targeted phishing scam uses urgency and fear to cause the recipients to act, threatening loss of service (email). The email often come from @GMail accounts and indicate a payment has been made or is pending. The malicious intent of the scammer is to get payment details so they can take those credentials and initiate a fraudulent payment, or steal the...

What is your role in protecting Berkeley Campus Data?


Have you ever copied a work file to your USB drive or home computer at the end of the day and wondered, "Is it safe to copy this data Classification Level Pyramidhere?" Have you ever sent an email with a Social Security Number, a credit card number or student grades and wondered "Should I send this in email?"

You are not alone in asking these questions....

Security Basics: 101

The basics of campus information security boil down to the following three concerns: Protecting Yourself, Protecting Devices, and Protecting Data

Protecting Yourself

Protect your personal information by following guidelines for managing passwords, learning how to avoid phishing scams, and by remembering secure computing practices at all times.

collapse all...