This is a heads-up about the upcoming Phishing Campaign that Information Security and Policy will launch this December. The following CalMessage will be sent to the campus on December 1st formally announcing the campaign. For additional details about the campaign go to https://security.berkeley.edu/phishing or send mail to [email protected] .
Thanks, Erika Donald Information Security and Policy UC Berkeley (510) 643-5278 -------- CalMessage: Dear Colleagues: Do you think you can spot fraudulent email designed to trick you into giving up your account credentials? Phishing attacks are getting more sophisticated everyday and more difficult to differentiate from authentic messages. This puts your personal information and campus data at increased risk. Beginning this December, UC Berkeley will launch a new educational campaign designed to help you detect fraudulent messages (called phishing). *Don’t take the bait: keep an eye out for the phish!* Roughly once a month for the next year, we will send out a simulated phishing email to academic and non-academic staff. The email will use the same techniques phishers use, such as telling you to act immediately (“NOW!”) so you don’t lose account access. This awareness campaign is designed to provide just-in-time training for those who need it most―specifically, those who unwittingly respond to the suspicious message. If you fall victim to any of these simulated phishing attacks you will automatically be redirected to an educational website that will provide immediate phishing training. Don’t worry: this project is purely educational and non-punitive. No one will be reported to supervisors or Human Resources. The goal is to help everyone become more aware and to stay vigilant about the links we click every day. *Your responsibility: recognize and verify!* We want you to be able to recognize all kinds of phishing email. If you see something suspicious in your inbox (for example, a message from “IT staff” sent from a non-berkeley.edu address), delete it. If you’re unsure and want to check whether the email is legitimate, contact [email protected]. For more information on how not to get phished and what you need to be on the lookout for, visit security.berkeley.edu/phishing Remember—Cyber security is not just IT’s responsibility; it is everyone’s responsibility. The more informed you are, the better you can protect yourself and sensitive campus data. *Larry Conrad* Associate Vice Chancellor – IT and Chief Information Officer *Paul Rivers* Interim Chief Information Security Officer *Linda Morris Williams* Associate Chancellor/Chief Ethics, Risk and Compliance Officer *Lisa Ho* Campus Privacy Officer
------------------------------------------------------------------------- The following was automatically added to this message by the list server: To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site: http://micronet.berkeley.edu Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet. This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
