This fake email was sent to a number of teaching faculty members, alerting them falsely that they were exposed to a student in class with Covid.
What makes this a phishing message?
This targeted phishing scam pretending to be a UC WarnMe Health alert.
This targeted phishing scam uses urgency and fear to cause the recipients to act, the text is also very well done and the non-UCB link is obscured.
Tips if Something Seems Off:
UC Berkeley Help Desks will NEVER initiate contact directly via text to personal cell phone numbers.
Although the link is obscured, it points to a non UC Berkeley site. The landing site was a very well done fake CAS Authentication page.
Even emails from @berkeley.edu(link is external) account may have been compromised.
Follow up with the sender separately
If you didn’t expect it, reject it. Or follow up with the individual directly in a separate email or call/text to confirm.
Report and/or flag it
Open the message
To the right of the 'Reply' arrow select 'More' (typically denoted with three vertical dots)
Then 'Report phishing'
For suspicious messages received by text, please take a screen shot and forward the message to phishing@berkeley.edu(link sends e-mail)For more information visit https://security.berkeley.edu/resources/phishing
Original Message:
