Phishing

Phishing Example: Security Notice - Fix Security Info Now

September 4, 2020
These attacks are a sophisticated, targeted form of phishing emails spoofing the security office with the intention of scaring the victim to get them to click on a nefarious link. The Information Security Office will never ask for you to "validate" your information via a link in an email.

Phishing Example: (ITCS Notification:) Account Irregular Activity Detected [INC1147653]

September 3, 2020
These attacks are a sophisticated, targeted form of phishing emails designed to look like legitimate UC Berkeley IT Client Services emails with the intention of scaring the victim to get them to provide personal information. Legitimate UC Berkeley IT departments will NEVER ask for your passphrase over email.

Phishing Example: Tutoring

August 7, 2020
These are targeted forms of phishing emails designed to establish trust with the victim in order to give up personal information or money.

Scammers Exploit California’s COVID-19 Contact Tracing Program

July 15, 2020
In ongoing efforts to mitigate the spread of COVID-19, Gov. Newsom launched "California Connected, " the state's contract tracing program and public awareness campaign. Malicious actors are leveraging the program to use phishing scams to exploit the public.

What is Phishing?

Phishing is a type of attack carried out in order to steal information or money. Phishing attacks can occur through email, phone calls, texts, instant messaging, or social media. Attackers are after your personal information: usernames, passwords, credit card information, Social Security numbers. However, they are also after intellectual property, research data, and institutional informationPhishing scams can have several goals, including:

The Phish Tank

Welcome to the "Phish Tank"

Phishing Example: Evaluation of UCRP Benefits for University of California, Berkeley

July 5, 2020
These are targeted forms of phishing emails designed to get victims to click on malicious links and to give up personal email or phone numbers. UC Berkeley has no relationship with this organization. If you receive an email from PERA, do not interact, report it as a phishing email through bmail and delete.

Let's Get Ready to Report Phish!

Are you ready to rumble?

When you report phishing attacks, the information you send via bMail helps Berkeley fight the attackers. When enough users report an email as a phishing attack our mail systems prevent these nefarious senders from reaching more users on campus. By reporting, you are protecting your fellow Bears. Reporting through Google is quickest way to protect colleagues and campus community from attacks.


How to report:

Using the bMail web interface: