Cybersecurity Awareness

Fake: Phony Docusign Termination Email

October 1, 2024

What makes this a phishing message?

This email has been specifically targeting UC Berkeley Executives and asks them to click a link and enter their credentials to review an employee termination agreement.

Tips if Something Seems Off:

The sender name indicates an official Docusign like service, but is allegedly from OnlineSIGN-DOC, EDOC-ReadytoSign, or OnlineSignDESK-Ready.

When the recipient hovers a cursor over the link, it goes to an unknown third party site. If the link would be clocked, the target will be asked to login and the credentials will be stolen.

Report and/...

Read more about Fake: Phony Docusign Termination Email

Fake: One of Your Students has Covid Phish

November 12, 2024

This fake email was sent to a number of teaching faculty members, alerting them falsely that they were exposed to a student in class with Covid.

What makes this a phishing message?

This targeted phishing scam pretending to be a UC WarnMe Health alert.

This targeted phishing scam uses urgency and fear to cause the recipients to act, the text is also very well done and the non-UCB link is obscured.

Tips if Something Seems Off:

UC Berkeley Help Desks will NEVER initiate contact directly via text to personal cell phone numbers.

Although the link is obscured, it...

Read more about Fake: One of Your Students has Covid Phish

Phony Remote virtual Assistant Job

December 2, 2024

This is a fraudulent offer for a remote assistant position. The scammer will impersonate a real UCB professor or department and try to take the conversation offline to a 'personal email' address.

Common bogus email subject lines include:

'Approved Part - Time Job ( Offer For Staffs & Students )'

'VIRTUAL PERSONAL ASSITANT JOB (REMOTE)'

'**NEW INTERNSHIP OFFER**'

'Internship Opportunities at University of California, Berkeley'

'Research Assistant Position'

What makes this a phishing message?...

Read more about Phony Remote virtual Assistant Job

Fake Email Account Suspension email

December 2, 2024

This fake email termination message was received by many users allegedly telling them their campus email account would be suspended.

Commonly used phony subject lines include:

'ADVANCE WARNING'

'***Urgent*** Your Account Will Be Suspended'

'ATTENTION!!! Actin Needed Now'

Tips if Something Seems Off:

UC Berkeley Help Desks will NEVER initiate contact directly via test to personal cell phone numbers

No technician will ever ask you to send them a password, DUO push code or other secret account information, especially in an insecure...

Read more about Fake Email Account Suspension email

Fake UC Berkeley Financial Support Program

December 4, 2024

This phony email was sent impersonating a UC Berkeley administrative department. It was attempting to get users to click with a bogus $2,250 financial bonus for eligible faculty and staff.

What makes this a phishing message?

The sender is not an @berkeley.edu sender and the login page is NOT an official CalNet CAS page.

This targeted phishing scam uses financial motivation and curiosity to attempt to get campus affiliates to send their usernames, emails, and passwords.

Tips if Something Seems Off: You will never be asked to enter your credentials into any non UCB page...

Read more about Fake UC Berkeley Financial Support Program

Phony Staff Assessment Doc Link

January 21, 2025

This phony Staff Assessment notification was received by many bMail users. It is part of a credential stealing attempt.

What makes this a phishing message?

The senders email is not a @berkeley.edu email, likely a compromised account from the Austin, TX school district @austinisd.org

This targeted phishing scam uses urgency indicating a task to complete.

The target page below is a free Jot webform. campus users will never be asked to enter their CalNet credentials in any site that is not a UCB CAS authentication page.

The most recent Frauds have had subject lines...

Read more about Phony Staff Assessment Doc Link

Jan 2025 bCourses Audit Attempts

January 22, 2025

An ineligible former Summer Session student is attempting to contact faculty directly and be added to many bCourses.

What makes this a phishing message?

In the Spring of 2024, a very similar incident occurred. The messages are usually send from an @gmail.com account, but may come from @berkeley.edu emails.

The reason for attempting to gain access to course materials seems unclear and the requests have come from both @berkeley.edu addresses and personal accounts like @gmail.com. Please remember that even if an email comes from a legitimate @berkeley.edu address, the sender...

Read more about Jan 2025 bCourses Audit Attempts

MSSND: How to Secure Devices

Device Security

If you have a personally-managed Windows, Mac, IOS, or Android device that needs to comply with MSSND requirements, follow the step-by-step instructions below for how to configure your device to meet campus policy.

MSSND #1: Patching and Updates

We also provide optional guidance to assist with achieving the “...

Read more about MSSND: How to Secure Devices

Training

Discover security training courses and tools

Annual Cybersecurity Awareness Training

This mandatory, computer-based training covers a variety of information security topics and is accessed through the UC Learning Center, supported by Berkeley People & Culture. Additionally, you can access the course via the information on the People and Culture UC Cyber Security Awareness...