Cybersecurity Awareness

Security Related Events

Fake: One of Your Students has Covid Phish

November 12, 2024

This fake email was sent to a number of teaching faculty members, alerting them falsely that they were exposed to a student in class with Covid.

What makes this a phishing message?

This targeted phishing scam pretending to be a UC WarnMe Health alert.

This targeted phishing scam uses urgency and fear to cause the recipients to act, the text is also very well done and the non-UCB link is obscured.

Tips if Something Seems Off:

UC Berkeley Help Desks will NEVER initiate contact directly via text to personal cell phone numbers.

Although the link is obscured, it...

Home

Toolkits

Cybersecurity Awareness Month 2024

Every October, we celebrate Cybersecurity Awareness Month (CAM) by offering guidance on safeguarding your data. Technology plays a role in everything we do to support the mission of teaching, research, and public service at Berkeley.

Take these actions to help protect your devices and data, and check out last year's CAM materials!

NCSAM 2018

Smart Cybersecurity Habits

As we begin to spend more and more of our time online, it's becoming increasing important to be able to properly protect ourselves. Follow these 8 tips for forming new and better online habits:

Think twice before clicking on links or opening attachments. Verify requests for private information. Protect your passwords. Protect your stuff! Lock it up or take it with you. Keep your devices, browsers and apps up to date. Back up critical files. Delete...

Fake: Phony Docusign Termination Email

October 1, 2024
What makes this a phishing message?

This email has been specifically targeting UC Berkeley Executives and asks them to click a link and enter their credentials to review an employee termination agreement.

Tips if Something Seems Off:

The sender name indicates an official Docusign like service, but is allegedly from OnlineSIGN-DOC, EDOC-ReadytoSign, or OnlineSignDESK-Ready.

When the recipient hovers a cursor over the link, it goes to an unknown third party site. If the link would be clocked, the target will be asked to login and the credentials will be stolen.

Report and/...

Fake: New Sextortion Scam with Geolocation Data

October 1, 2024
What makes this a phishing message?

This is a classic 'sextortion' hoax from a random GMail email address.

https://www.bbb.org/article/news-releases/20517-scam-alert-beware-of-sextortion-emails

Tips if Something Seems Off:

The anonymous fraudster is now using leaked home address information to induce more fear in the recipients. The data likely came from a recent data breach, possibly the National Public Data (NPD) data release.

...

Security Tips for International Travel

International TravelFor members of the campus community, a trip to a foreign country presents unique data security challenges. The nature of international travel requires you to use your device (laptop, tablet or smartphone) in various unfamiliar places that may expose your data and device to malicious people and software.

...

Top 10 Secure Computing Tips

Top Ten Secure Computing Tips"Top 10" List of Secure Computing Tips Tip #1 - You are a target to hackers

Don't ever say, "It won't happen to me." We are all at risk and the stakes are high - both for your personal and financial well-being and for the university's standing and reputation.

Cybersecurity is everyone's...