Phishing

PHISHING EXAMPLE: UPDATE REQUIRED ON @berkeley.edu

May 26, 2021
Outgoing Mail Error Due to server error, 6 new mails you sent from recipient@berkeley.edu are stucked in berkeley.edu Release below to re-send all stuck emails to the destination boxes. Release Emails This is a mandatory berkeley.edu webmail service sent to recipient@berkeley.edu

PHISHING EXAMPLE: WORK FROM HOME / BERKELEY PAID JOB OFFER

September 10, 2021
Dear Student, We got your contact through your school database and I'm happy to inform you that our reputable company Cisco Systems Inc® is currently running a student empowerment program. This program is to help devoted and hardworking students secure a part time job which does not deter them from doing any other, you just need a few hours to do this weekly and with an attractive weekly wages. KINDLY EMAIL BACK WITH YOUR PERSONAL EMAIL ADDRESS IF INTERESTED IN THIS JOB POSITION.

PHISHING EXAMPLE: Attention: website.berkeley.edu DMCA Copyright Infringement Notice

August 18, 2021
Hello! My name is Shafaq. Your website or a website that your company hosts is infringing on a copyright-protected images owned by myself. Take a look at this document with the links to my images you used at website.berkeley.edu and my earlier publications to get the evidence of my copyrights. Download it right now and check this out for yourself: hxxps://sites.google.com/view/a0hf49gj29g-i4jb48n5/drive/folders/shared/1/download?ID=308682351554855915 I believe you have willfully infringed my rights under 17 U.S.C. Section 101 et seq. and could be liable for statutory damages as high as $150,000 as set forth in Section 504(c)(2) of the Digital Millennium Copyright Act (”DMCA”) therein.

PHISHING EXAMPLE: WORK AFTER CLASSES OFFER ($500 WEEKLY SALARY)

September 10, 2021
Hello, Are you currently in the US? Here is an opportunity for you to work part time after classes and earn $500 weekly. The job is completely done online and can be completed anytime in the evening/night at home and won't take much of your time daily, you don't have to be online all day and don't need any professional skill to do the job, all you need is just come online before going to bed to forward all order of the day made by agents to the supplier and you are done for the day.

The Phish Tank

Welcome to the "Phish Tank"

This page highlights examples of phishing emails received on campus. These examples are intended to educate every Berkeley email user on how to spot a phish. If you receive an email not listed here and that seems suspicious, report it via the methods listed above. For more tips on avoiding phish, visit our Fight the Phish page.

PHISHING EXAMPLE: student email directly

September 10, 2021
Hi Student, I am Dr Ralph Abraham, I feel comfortable discussing this WORK- STUDY opening with you since you were referred by the university chamber of commerce. I am very busy, that is why I have asked for your help as my temporary personal assistant. I provide individual and group therapy, coaching, assessment and many University students with academic difficulties and no prior diagnosis are seen and assessed through the academic screening and assessment process.

Phishing Example: Google Docs Download

February 22, 2016
This phish example attempts to trick the recipient into clicking on a link to a malicious website by purporting to be a link to download a Google doc.

Phishing Example: UCB-HR "Your New Salary Notification"

December 10, 2015
This phishing message was forged to appear to come from the UCB Human Resources office. Beware of "URGENT" message from HR concerning "Your New Salary Notification".

Scammers are Exploiting Coronavirus Fears to Phish Users

March 9, 2020
Attackers have been sending emails that feed on concerns about COVID-19 to spread malware, trick them into sharing account credentials, or opening malicious attachments.

Phishing Example: PayPal Forgery

January 1, 2016
This is a forgery example of a commonly used service provider, PayPal. The intent is to fool the recipient into clicking the link directed to a malware infected webpage.