Don't worry — no account, password, or personal data was stored.
The message you just received was part of an authorized phishing simulation run by the Berners Tech team. The email was simulated and the page it linked to was not real. The goal is to help everyone practice spotting suspicious messages before a real attack happens.
Attackers design messages to trigger emotion and urgency — a security alert, an invoice, a shared file, a delivery, a deadline — so you act before you stop to think. There was no harm this time; it's a great chance to practice.
1. Pause. Don't rush to click links or enter your password.
2. Reach the site or service yourself — use a saved bookmark or type the address; don't use the link in the message.
3. Turn on and trust MFA (multi-factor authentication) — even if your password leaks, it's another line of defense.
4. When in doubt, verify or report to Menghsun Wu / Yaling Cheng. Reporting is never penalized.
Thank you for taking part. Your alertness is the organization's best line of defense.