Phishing attacks

• Email with malicious attachments
• Email with fake and malicious links
• Targeted social manipulation, targeted phishing attack where the fraudster targets key people within the organisation.

A common phishing attack sends a link that takes you to a false website that looks like the login page of a trusted organization or service. They will copy your username and password if you type it and will then log in to the real service with your login information, where they can then steal information, money or identity. It has happened that the university's website has been faked.

The link may also take you to malicious websites, with the intent to intrude on your computer or your and the university network to access data or cause harm.

Checklist to prevent phishing

• Take a deep breath. Stress does not improve your results or your efficiency.
• Think about it and read carefully. This includes all emails, but especially the ones with instructions about critical tasks, like transferring money.
• Analyse the content. Is the sender's address spelled correctly? Is the request logical and expected right now? Are the language, style and tone as expected?
• Files and links. Be careful about clicking on links or downloading programs that you receive by email, text message or other types of forums - especially if you do not know the sender.
• Ask before you act. Contact your manager, or call the sender of the email to be 100 per cent sure before you act.
• Are you uncertain? Contact IT » 

Reveal false links

• Check the link by holding the mouse pointer over the link. Do not click!
• The real the URL is displayed in a small window next to the link and should match the address displayed in the link or be trustworthy.
• If you suspect something is wrong; don't click on the link: leave the message and the link untouched.
• Report the suspected phishing attack to IT, even if you didn't click on the link. Contact IT »