Phishing

PHISHING EXAMPLE: Phone Fraud, Chinese Consulate

February 8, 2023
If you are unable to log into bMail, forward the message to phishing@berkeley.edu. For more information visit https://security.berkeley.edu/resources/phishing

Fake: URGENT: COVID-19 Variant Case Alert

July 3, 2024

This phony potential Covid contact alert was received by many users sent to their Campus bMail accounts.

What makes this a phishing message?

This targeted phishing scam is using a fake UC Berkeley email address

From: UC Berkeley Alerts <CHI-Information@case.edu>

This targeted phishing scam directs user to a bogus CAS authentication page..

Tips if Something Seems Off:

The serious nature of the report is intended to cause alarm in recipients and lure them into clicking the link and entering their...

Students: Beware of employment scams via email

December 7, 2023

Every year, students at UC Berkeley are scammed out of thousands of dollars via fake employment offers. Beware of unsolicited emails, phone calls, texts or even facebook messages offering internship or employment opportunities. If you receive a job offer, don’t trust it without verifying – contact the person offering the job via their contact info in the campus directory or via a berkeley.edu departmental website....

Fake DUO Authentication Request

October 9, 2023
What makes this a phishing message?

This targeted phishing scam impersonates the UC Berkeley Duo Admin to create fear to cause the recipients to act, scanning the QR code which leads to a malicious link.

This targeted phishing scam uses urgency and fear to cause the recipients to act, exposing their personal information.

Tips if Something Seems Off: Double-check the email address before responding. Individual email users (even accounts made to look like berkeley.edu accounts) will never ask for this action. If the link is followed, the campus will NEVER ask for credentials to be...

PHISHING EXAMPLE: Fraudulent 'Broken Lab Equipment' Scam

January 30, 2024
Luca Giles
What makes this a phishing message?

This targeted phishing scam impersonates the UC Berkeley faculty member or campus lab manager.

This email is sent to the parents of a student working in a campus lab. It invents a phony 'accident' that damaged an expensive piece of lab equipment and asks the parents of the lab member to reimburse the lab for part of the cost of replacement.

This targeted phishing scam uses urgency and fear to cause the recipients to act, extorting money from a phony accident.

Tips if Something Seems Off:

The message is sent from a...

PHISHING EXAMPLE: Phony Email confirmation Text Message

June 11, 2024
Luca Giles

This fake email termination notification was received by many users on their personal cell phone numbers via text message.

What makes this a phishing message?

This targeted phishing scam is pretending to be a UC Berkeley technician and uses urgency and fear to cause the recipients to act, threatening loss of service (email).

Tips if Something Seems Off:

UC Berkeley Help Desks will NEVER initiate contact directly via test to personal cell phone numbers

No technician will ever ask you to send them a password, DUO push code or other secret account information...

Fake: New Sextortion Scam with Geolocation Data

October 1, 2024
What makes this a phishing message?

This is a classic 'sextortion' hoax from a random GMail email address.

https://www.bbb.org/article/news-releases/20517-scam-alert-beware-of-sextortion-emails

Tips if Something Seems Off:

The anonymous fraudster is now using leaked home address information to induce more fear in the recipients. The data likely came from a recent data breach, possibly the National Public Data (NPD) data release.

...

Fake: Phony Docusign Termination Email

October 1, 2024
What makes this a phishing message?

This email has been specifically targeting UC Berkeley Executives and asks them to click a link and enter their credentials to review an employee termination agreement.

Tips if Something Seems Off:

The sender name indicates an official Docusign like service, but is allegedly from OnlineSIGN-DOC, EDOC-ReadytoSign, or OnlineSignDESK-Ready.

When the recipient hovers a cursor over the link, it goes to an unknown third party site. If the link would be clocked, the target will be asked to login and the credentials will be stolen.

Report and/...

Fake: One of Your Students has Covid Phish

November 12, 2024

This fake email was sent to a number of teaching faculty members, alerting them falsely that they were exposed to a student in class with Covid.

What makes this a phishing message?

This targeted phishing scam pretending to be a UC WarnMe Health alert.

This targeted phishing scam uses urgency and fear to cause the recipients to act, the text is also very well done and the non-UCB link is obscured.

Tips if Something Seems Off:

UC Berkeley Help Desks will NEVER initiate contact directly via text to personal cell phone numbers.

Although the link is obscured, it...

Phony Remote virtual Assistant Job

December 2, 2024

This is a fraudulent offer for a remote assistant position. The scammer will impersonate a real UCB professor or department and try to take the conversation offline to a 'personal email' address.

Common bogus email subject lines include:

'Approved Part - Time Job ( Offer For Staffs & Students )'

'VIRTUAL PERSONAL ASSITANT JOB (REMOTE)'

'**NEW INTERNSHIP OFFER**'

'Internship Opportunities at University of California, Berkeley'

'Research Assistant Position'

What makes this a phishing message?...