Viewable by the world
Group Access to Cyber Security Website
Can VIEW the space: all-lbnl-users ,  anonymous , 
Can EDIT the space:
Can ADMINISTER the space:
Individual Access to Cyber Security Website
Can VIEW the space: [email protected][email protected][email protected][email protected][email protected][email protected][email protected][email protected][email protected][email protected][email protected]
Can EDIT the space: [email protected][email protected][email protected][email protected][email protected][email protected][email protected][email protected][email protected][email protected][email protected]
Can ADMINISTER the space: [email protected][email protected][email protected][email protected][email protected][email protected][email protected][email protected][email protected][email protected]

Versions Compared

Old Version 2

changes.mady.by.user Arthur Frohlich

Saved on

compared with

New Version 3

changes.mady.by.user Arthur Frohlich

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

In order to raise awareness of current phishing scam tactics the Berkeley Lab Cyber Security team will begin sending emails to the Berkeley Lab employees that simulate real phishing attacks. During the initial phases of this project, simulated phishing emails will only be sent to the list of users who opt-in to receive them. Information about individual responses will NOT be shared with supervisors or HR. 

 

The goal of this simulated phishing campaign is to help you to learn how to spot a phish and report them to the Cyber Security team. Accurately reporting phishing scams can allow the Cyber Security team to alert other employees and block future phishes.

What is phishing?

It is important to distinguish An important part of this campaign is distinguishing between what is a targeted phishing email, a generic targeted phishing email, and spam.

Targetted phishing: These are attacks that 

Phishing:  These are attacks that are carried out in order to steal usernames, passwords, credit card information, Social Security Numbers, and other sensitive data by masquerading as a trustworthy entity. Most often the emails pretend to be from credible sources such as financial organizations or online services. These messages often ask you to click on a link, send information via email or fax, or enter credentials into a seemingly legitimate website.

Targeted phishing:  These are attacks that are in the context of your affiliation with Berkeley Lab, UCB, UC, or DOE to steal sensitive data (i.e. usernames, passwords, SSNs). These messages could use names of co-workers, appear to come from LBL email addresses, or directly reference Berkeley Lab employees. These can be very difficult to distinguish from legitimate messages are important to notify the Cyber Security team about quickly.

Spam:  These are unwanted messages but are not asking for sensitive information.

 

For more information on phishing see the Cyber Security Resources page on Spam, Phishing, Targetted Phishing

...

Click here to subscribe: https://lists.lbl.gov/sympa/subscribe/simulated-phishing

What

...

should I do when I see a phishing email?


Report the email to [email protected] and save the source code of the message as an attachment. 

Click here to learn how to forward an email as an attachment: Forward Email As Attachment

 

Why is this necessary?

How will it be implemented?

How can you avoid phishing scams?

Training and Resources

Examples:

...

Examples of Simulated Phishes (Coming Soon)