Learn about Phishing

Phishing is a type of attack carried out in order to steal usernames, passwords, credit card information, Social Security Numbers, and other sensitive data by masquerading as a trustworthy entity. Phishing is most often seen on campus in the form of malicious emails pretending to be from credible sources such as UC Berkeley technology departments or financial organizations related to the university. If you receive an email you are not sure about, don’t download attachments and don't reply — see below for how to report phishing attempts. If you compromise your account by responding to a phish, your access to email will be turned off until the situation is resolved. IT Security has some very helpful examples of phishing campaigns on The Phish Tank.

Report Phishing Attempts!

Report all suspicious email messages to consult@berkeley.edu or call the CSS-IT Service Desk at 510.664.9000.

Keep in mind:

  • We will never ask you to verify your identity over email
  • We will never ask you for your password over email
  • Phishing attacks are becoming more sophisticated, so think twice before responding to requests 

Cyber Security Information

Check out our cyber security awareness month tips on the Security site. You will find tips along with downloadable fliers to share with others in your department.