Phishing: Don’t Get Hooked

December 1, 2014

A message from Larry Conrad, AVC-IT & CIO

Dear Colleagues:

Do you think you can spot fraudulent email designed to trick you into giving up your account credentials?

Phishing attacks are getting more sophisticated everyday and more difficult to differentiate from authentic messages. This puts your personal information and campus data at increased risk.  

Beginning this December, UC Berkeley will launch a new educational campaign designed to help you detect fraudulent messages (called phishing).

Don’t take the bait: keep an eye out for the phish!

fish icon

Roughly once a month for the next year, we will send out a simulated phishing email to academic and non-academic staff. The email will use the same techniques phishers use, such as telling you to act immediately so you don’t lose account access. This awareness campaign is designed to provide just-in-time training for those who need it most―specifically, those who unwittingly respond to the suspicious message.

If you fall victim to any of these simulated phishing attacks you will automatically be redirected to an educational website that will provide immediate phishing training.

Don’t worry, this project is purely educational and non-punitive. No one will be reported to supervisors or Human Resources. The goal is to help everyone become more aware and to stay vigilant about the links we click every day.

Your responsibility: recognize and verify!

  • We want you to be able to recognize all kinds of phishing email. If you see something suspicious in your inbox (for example, a message from “IT staff” sent from a non-berkeley.edu address), delete it.
  • If you’re unsure and want to check whether the email is legitimate, contact consult@berkeley.edu.

For more information on how not to get phished and what you need to be on the lookout for, visit security.berkeley.edu/phishing.

Remember—Cyber security is not just IT’s responsibility; it is everyone's responsibility. The more informed you are, the better you can protect yourself and sensitive campus data.

Larry Conrad, Associate Vice Chancellor – IT and Chief Information Officer
Linda Morris Williams, Associate Chancellor/Chief Ethics, Risk and Compliance Officer
Paul Rivers, Interim Chief Information Security Officer
Lisa Ho, Campus Privacy Officer

Related Links