The email message came from firstname.lastname@example.org...
It told me that I had a confidential message, and that I needed to click on the link to log into CalNet in order to read my confidential message.
I clicked and was confronted with the normal CalNet login screen. I glanced up at the URL. It was a URL from google.com. "Hmmmm", I thought. "That is odd. Oh, I remember, after the great Berkeley email meltdown of late 2011--IT bureaucrats who spent too much time telling the chancellor that they could manage with their limited budget and not enough time telling the chancellor that they needed more budget or the system would collapse--they made a big fuss about how they were going to move the back end of the Berkeley system to Google. It is okay."
I answered my CalNet authentication credentials, clicked login, and looked at the URL. Still google.com. In fact, still docs.google.com.
"Do I have time to change my password and lock whoever I just gave access to out?"
Time will tell...
If the phishers can catch me, how many people in the world are there and they cannot catch?