Cybersecurity Awareness

PHISHING EXAMPLE: Fraudulent 'Broken Lab Equipment' Scam

January 30, 2024
Luca Giles
What makes this a phishing message?

This targeted phishing scam impersonates the UC Berkeley faculty member or campus lab manager.

This email is sent to the parents of a student working in a campus lab. It invents a phony 'accident' that damaged an expensive piece of lab equipment and asks the parents of the lab member to reimburse the lab for part of the cost of replacement.

This targeted phishing scam uses urgency and fear to cause the recipients to act, extorting money from a phony accident.

Tips if Something Seems Off:

The message is sent from a...

Enabling Full Disk Encryption

Overview

Full disk encryption protects the data on your device in the event it is lost or stolen. Without full disk encryption, if the data drive in the computer is removed, the data can be easily read and accessed. When correctly deployed, full disk encryption requires unauthorized users to have both physical access to your device as well as the password in order to decrypt the data on your device.

However, if both the password and the recovery key are unknown or lost, the device cannot be decrypted and the...

Data Syncing Services

Sync Services

Sync service backups can be set up through Google Drive or Box and both encrypt the data in transit and at rest. However, these services are only suitable for P2 and P3 data - not P4, review what data can be stored in my UC Berkeley Google accounts (bMail,...

Backing Up Your Data

What is a Backup?

A backup is a second copy (or more) of your digital files and it can protect you from data loss. You can access this backup in the event your device or data become inaccessible, destroyed, or damaged. Data loss can occur in many ways: a computer or hardware crash, a lost or stolen device, data corruption, or malware that encrypts it and holds it for ransom.

Two types of backup are sync services and traditional backups: Sync (or cloud) services backup individual files and do not include...

Education & Awareness

Fake DUO Authentication Request

October 9, 2023
What makes this a phishing message?

This targeted phishing scam impersonates the UC Berkeley Duo Admin to create fear to cause the recipients to act, scanning the QR code which leads to a malicious link.

This targeted phishing scam uses urgency and fear to cause the recipients to act, exposing their personal information.

Tips if Something Seems Off: Double-check the email address before responding. Individual email users (even accounts made to look like berkeley.edu accounts) will never ask for this action. If the link is followed, the campus will NEVER ask for credentials to be...

Cybersecurity Awareness Month 2023

Protect Your Digital Life, Be Cyber Safe

Download this Zoom background to use all month! And...don't forget to take the required cybersecurity training each year.

Toolkits

Password Management with LastPass

Overview

Creating strong, unique passwords for each of your personal and work accounts isn't a chore when using a password manager - like LastPass. LastPass can generate and remember passwords for you - no more writing your passwords down and potentially exposing your credentials. Using strong and unique passwords on each of your accounts increases your personal and professional online security.

UC Berkeley offers FREE...

Holiday Shopping Posters

Broaden your online shopping awareness

Below are posters (11" x 17") and flyers (8.5" x 11") you can use to learn how to protect yourself from cyber criminals while shopping this season.
Click on the image(s) to download the pdf.