How do I recognize a phishing attack?

E-mails can be dangerous in a number of ways:

  • Attachments can contain viruses and Trojan horses that damage your system or spy on your personal information and transmit it to unknown third parties.
  • Links in e-mails can also deliver viruses or Trojans to your end device if you click on them.
  • E-mail links can direct you to pages that attempt to obtain your personal information (account information and passwords).

What is Phishing?

Phishing describes an attempt to obtain account information from users via fake e-mails. The quality of phishing emails varies greatly. Some are of such poor quality that they immediately stand out as forgeries. Others, in turn, are so well designed that it is difficult to tell whether a fraud attempt has been made.

Our central SPAM check cannot always detect all phishing e-mails and mark them accordingly.

Do not divulge your account information, and above all your password; you would be passing this sensitive information on to third parties. Unauthorized persons would then be able to view the contents of your e-mail account or to spread new SPAM via your account data. The OVGU must prevent this urgently, since otherwise our mail servers are "branded" as SPAM propagators and legitimate e-mails are then no longer accepted by many other remote peers.

How can phishing mails be recognized?

Unfortunately, there are no clear criteria for identifying phishing e-mails. Many phishing e-mails describe a threatening scenario for the user, which can supposedly only be averted by logging in with the corresponding account and password. A typical example is the fake warning that your inbox is full and can be extended by entering your username and password. However, when you receive an e-mail you should always pay attention to the following things before reacting to its content:

  1. Check whether the content of the e-mail plausibly applies to you. If you are supposed to be warned about a full mailbox and you have only a few mails in it, this warning seems very untrustworthy.
  2. Check the sender address. If the e-mail has an external sender address, the e-mail will not be from the OVGU. Pay attention to the sender address and not only to the name shown in front of the address. Unfortunately, it is not possible to send legitimate mails with faked OVGU sender addresses.
  3. We never offer you the possibility to increase the size of your mailbox by entering your username and password. An enlargement of the mailbox is only possible if you contact the IT service.
  4. If an e-mail contains a link to an address outside the OVGU, you should become suspicious.
  5. Do not blindly follow links within e-mails even if they contain information such as "ovgu" or "uni-magdeburg". Phishers often register web addresses that are very similar to the original address.
  6. Pay attention to the expressions in the subject and in the text. Many phishing e-mails are automatically translated or created abroad by people with poor German language skills. Such mails written in "broken" German often indicate an e-mail that is not trustworthy. However, there are more and more cases in which the e-mails are written in almost error-free German. Correct expression and spelling are no indication of a legitimate e-mail.
  7. The URZ will never ask you to send your password by e-mail.
  8. Be suspicious of all types of e-mail attachments. Viruses or Trojans can be hidden within attachments of any type (Word documents, PDF, ZIP, ...). These install themselves on your device as soon as the file is opened. Unfortunately, you cannot rely on virus scanners for protection. The viruses/Trojans are often so new that no suitable signatures are yet available for the virus scanners and the malware is therefore not detected.
  9. The basic rule is: read every e-mail with suspicion and "common sense". If you have the slightest doubt as to legitimacy, do not open any attachments or follow any links in the e-mail. Contact the alleged sender by searching for the contact information yourself (e.g. from the LSF). Do not use the contact details given in the mail; they could also be forged.
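
Checks 2, 4 and 5 from the list above can be automated for a first triage. The following Python sketch is an added example, not a tool provided by the URZ; the trusted domains `ovgu.de` and `uni-magdeburg.de`, the function names and the sample message are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: domains treated as internal (not taken from the page).
TRUSTED = ("ovgu.de", "uni-magdeburg.de")
BRAND = re.compile(r"ovgu|uni-magdeburg", re.I)
HREF = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def is_trusted(host):
    """True only for a trusted domain itself or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def triage(raw):
    """Return warning strings for checks 2, 4 and 5 on a single-part mail."""
    msg = message_from_string(raw)
    findings = []
    name, addr = parseaddr(msg.get("From", ""))
    if not is_trusted(addr.rpartition("@")[2]):
        findings.append(f"external sender address: {addr}")
        if BRAND.search(name):  # check 2: the name is free text, the address counts
            findings.append("display name mentions OVGU, address is external")
    for href, text in HREF.findall(msg.get_payload()):
        host = urlsplit(href).hostname or ""
        if is_trusted(host):
            continue
        findings.append(f"link leaves OVGU: {host}")  # check 4
        if BRAND.search(host) or BRAND.search(text):  # check 5
            findings.append(f"lookalike link: {host}")
    return findings

# Constructed sample message (reserved .example domains), not a real phishing mail.
SAMPLE = (
    'From: "OVGU IT-Service" <support@mail-quota.example>\n'
    'Subject: Your mailbox is full\n'
    'Content-Type: text/html\n'
    '\n'
    '<p>Extend your mailbox: <a href="https://ovgu.de.webmail-login.example/quota">'
    'https://webmail.ovgu.de/</a></p>\n'
)

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

An empty result does not make a mail legitimate; the basic rule in point 9 still applies.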

What can I do if third parties know my account details?

If your account information has been passed on to third parties, you should first check your end devices for Trojans or other malware. If a Trojan is installed on one of your end devices, the new password would fall into the hands of the third party again as soon as you changed it. However, depending on how new the Trojan is, it may take a while for the antivirus solution manufacturers to provide appropriate signatures to recognize the Trojan.

If there are no more Trojans on your end devices or if you have disclosed the account data via a phishing website, you should immediately change your password in the service section of the URZ website.

Go to password change page

Last Modification: 08.09.2019 - Contact Person: IT-Service