Develop Safe Habits

Common cybersecurity tips

Security Basics: 101

The basics of campus information security boil down to the following three concerns: Protecting Yourself, Protecting Devices, and Protecting Data

Protecting Yourself

Protect your personal information by following guidelines for managing passwords, learning how to avoid phishing scams, and by remembering secure computing practices at all times.

collapse all...

Security Tips for Travel

Traveling comes with certain data security risks. Using devices like laptops, tablets, or smartphones in unfamiliar locations can expose them to threats. Connecting to public networks in hotels and airports often lacks robust security, making them easy to target.

Consider adding the following data security safeguards to your travel checklist: before, during, and after your trip. If you have any questions about securing your data on your trip, email security@berkeley.edu.

If...

Students: Beware of employment scams via email

December 7, 2023

Every year, students at UC Berkeley are scammed out of thousands of dollars via fake employment offers. Beware of unsolicited emails, phone calls, texts or even facebook messages offering internship or employment opportunities. If you receive a job offer, don’t trust it without verifying – contact the person offering the job via their contact info in the campus directory or via a berkeley.edu departmental website....

Fake DUO Authentication Request

October 9, 2023
What makes this a phishing message?

This targeted phishing scam impersonates the UC Berkeley Duo Admin to create fear to cause the recipients to act, scanning the QR code which leads to a malicious link.

This targeted phishing scam uses urgency and fear to cause the recipients to act, exposing their personal information.

Tips if Something Seems Off: Double-check the email address before responding. Individual email users (even accounts made to look like berkeley.edu accounts) will never ask for this action. If the link is followed, the campus will NEVER ask for credentials to be...

PHISHING EXAMPLE: Fraudulent 'Broken Lab Equipment' Scam

January 30, 2024
What makes this a phishing message?

This targeted phishing scam impersonates the UC Berkeley faculty member or campus lab manager.

This email is sent to the parents of a student working in a campus lab. It invents a phony 'accident' that damaged an expensive piece of lab equipment and asks the parents of the lab member to reimburse the lab for part of the cost of replacement.

This targeted phishing scam uses urgency and fear to cause the recipients to act, extorting money from a phony accident.

Tips if Something Seems Off:

The message is sent from a...

PHISHING EXAMPLE: Phony Email confirmation Text Message

June 11, 2024

This fake email termination notification was received by many users on their personal cell phone numbers via text message.

What makes this a phishing message?

This targeted phishing scam is pretending to be a UC Berkeley technician and uses urgency and fear to cause the recipients to act, threatening loss of service (email).

Tips if Something Seems Off:

UC Berkeley Help Desks will NEVER initiate contact directly via test to personal cell phone numbers

No technician will ever ask you to send them a password, DUO push code or other secret account information...

Top 10 Secure Computing Tips

Top Ten Secure Computing Tips"Top 10" List of Secure Computing Tips Tip #1 - You are a target to hackers

Don't ever say, "It won't happen to me." We are all at risk and the stakes are high - both for your personal and financial well-being and for the university's standing and reputation.

Cybersecurity is everyone's...

Protecting Your Data

Overview:

Data is one of UC Berkeley’s most critical assets. The complexity and volume of the data we are taking in is growing while at the same time regulatory requirements are becoming more stringent. These factors make correctly managing data vital for ensuring its confidentiality, integrity, and availability remain intact.

The data management lifecycle:

Proper handling of data throughout its lifecycle is critical to optimizing its utility, minimizing the potential for errors, and protecting it from breaches. No...

Roles and Responsibilities Policy

University of California, Berkeley

Policy Issued: 04/01/2022

Effective Date: 04/01/2023

Supersedes: N/A - New policy

Next Review Date: 04/01/2027

UCB Seal

Roles and...

Data Syncing Services

Sync Services

Sync service backups can be set up through Google Drive or Box and both encrypt the data in transit and at rest. However, these services are only suitable for P2 and P3 data - not P4, review what data can be stored in my UC Berkeley Google accounts (bMail,...