Cybersecurity Awareness

Fake UC Berkeley Financial Support Program

December 4, 2024

This phony email was sent impersonating a UC Berkeley administrative department. It was attempting to get users to click with a bogus $2,250 financial bonus for eligible faculty and staff.

What makes this a phishing message?

The sender is not an @berkeley.edu sender and the login page is NOT an official CalNet CAS page.

This targeted phishing scam uses financial motivation and curiosity to attempt to get campus affiliates to send their usernames, emails, and passwords.

Tips if Something Seems Off: You will never be asked to enter your credentials into any non UCB page...

Phony Staff Assessment Doc Link

January 21, 2025

This phony Staff Assessment notification was received by many bMail users. It is part of a credential stealing attempt.

What makes this a phishing message?

The senders email is not a @berkeley.edu email, likely a compromised account from the Austin, TX school district @austinisd.org

This targeted phishing scam uses urgency indicating a task to complete.

The target page below is a free Jot webform. campus users will never be asked to enter their CalNet credentials in any site that is not a UCB CAS authentication page.

The most recent Frauds have had subject lines...

MSSND: How to Secure Devices

Device Security

If you have a personally-managed Windows, Mac, IOS, or Android device that needs to comply with MSSND requirements, follow the step-by-step instructions below for how to configure your device to meet campus policy.

MSSND #1: Patching and Updates

We also provide optional guidance to assist with achieving the “...

Training

Discover security training courses and tools

Annual Cybersecurity Awareness Training

This mandatory, computer-based training covers a variety of information security topics and is accessed through the UC Learning Center, supported by Berkeley People & Culture. Additionally, you can access the course via the information on the People and Culture UC Cyber Security Awareness...

Holiday Shopping

Click here to download a list of tips for safer holiday shopping.All holiday events icons

Shopping online is easy and convenient. Online sales are expected to grow another 11% - 15% this holiday season! Cybercriminals are always working on their next score,...

Security Related Events

Cybersecurity Awareness Month 2024

Every October, we celebrate Cybersecurity Awareness Month (CAM) by offering guidance on safeguarding your data. Technology plays a role in everything we do to support the mission of teaching, research, and public service at Berkeley.

Take these actions to help protect your devices and data, and check out last year's CAM materials!

NCSAM 2018

Smart Cybersecurity Habits

As we begin to spend more and more of our time online, it's becoming increasing important to be able to properly protect ourselves. Follow these 8 tips for forming new and better online habits:

Think twice before clicking on links or opening attachments. Verify requests for private information. Protect your passwords. Protect your stuff! Lock it up or take it with you. Keep your devices, browsers and apps up to date. Back up critical files. Delete...

Top 10 Secure Computing Tips

Top Ten Secure Computing Tips"Top 10" List of Secure Computing Tips Tip #1 - You are a target to hackers

Don't ever say, "It won't happen to me." We are all at risk and the stakes are high - both for your personal and financial well-being and for the university's standing and reputation.

Cybersecurity is everyone's...

Protecting Your Data

Overview:

Data is one of UC Berkeley’s most critical assets. The complexity and volume of the data we are taking in is growing while at the same time regulatory requirements are becoming more stringent. These factors make correctly managing data vital for ensuring its confidentiality, integrity, and availability remain intact.

The data management lifecycle:

Proper handling of data throughout its lifecycle is critical to optimizing its utility, minimizing the potential for errors, and protecting it from breaches. No...