"Phishing" Email Fraud

"Phishing" refers to the fraudulent attempt to obtain sensitive data (personal and business) by posing as a trustworthy contact. Find out here how you can protect yourself against this threat.

Fake emails, websites or text messages (via SMS or WhatsApp) are used as tools for this digital data theft. Victims are often subject to identity theft, or dangerous malware may be installed on their devices via attachments.
 

When the digital mail carrier rings . .

Why would an attacker target me?

Even if you're not an IT expert, you might still be on the radar of cybercriminals.

Sensitive Data
If you have access to confidential information, such as student records, financial data, or confidential research data, you become an attractive target for attackers.

Your Credentials Are the Key
Your username and password could give cybercriminals access to critical university systems if they manage to steal these details.

Identity Theft
Attackers could steal your identity and impersonate you to conduct illegal activities or launch further attacks in your name.

Sensitive Emails
Your emails may contain confidential information that is highly valuable to attackers.

The Entry Point
Your computer or smartphone could be used by attackers as a gateway to infiltrate the entire university network.

Remember, security is a shared responsibility, regardless of your IT knowledge. Your vigilance is crucial in protecting yourself and the university from threats. Stay alert and learn to recognize phishing attacks to keep both yourself and the university safe.

Examples of past phishing emails at EUF

Typical characteristics of a phishing email

Phishing emails can be identified through certain key features, some of which you can see here. "Good" phishing emails combine several of these features - for example, they might convey urgency or try to arouse your greed. Some earlier signs of phishing (like spelling and grammar errors) are now less common thanks to the increased use of AI.

A common tactic in phishing emails is to pressure the recipient into acting immediately. For example, the email might say something like "We urgently need to transfer funds to company X today."

Examples:

  • Your PayPal account has been locked.
  • A DHL package could not be delivered.
  • You have received an official notification.
  • Data verification ("Your IT administration needs to check your access data. Please enter it here: ...")
  • Software update prompt ("Your Outlook is outdated. Click here ...")

Phishing emails exploit your trust in well-known companies, brands, products, services, or departments at EUF; the emails you receive in their name are not actually from those companies, brands, etc.

Phishing emails are sent in the name of colleagues, superiors, or acquaintances who urge you to respond. Since these are people or institutions you know, you are compelled to trust the fraudulent email and click on the dangerous link.

Phishing emails often reference current events, like:

  • Current COVID-19 measures
  • A damaged car in the parking lot
  • Requests for assistance by police officers
  • Storm damage on campus

The urgency of the supposed event might push you to respond immediately and click on a fake link, or divulge sensitive information (like your license plate number).

Particularly effective phishing emails will also engage you on an emotional level. They might invoke sympathy, touch on your personal interests, or raise health issues.

Examples:

  • A dog locked in a car during a heatwave
  • A missing cat
  • A death in the family

"What? It's free? I'll click on that!"

Examples:

  • Free concert tickets
  • Lottery tickets
  • Supposed marketing campaign

Phishing emails often advise you to check the data in email attachments.

This is particularly dangerous, because these attachments can allow malware to be installed on your device. The malware can then target your data, your computer - and even the whole university network.

Examples:

  • List of vacation days in Excel
  • Invoices
  • Vacation photos (e.g., in a ZIP file)

These file formats are particularly dangerous when sent as attachments:

  • .docx and .xlsx (Word and Excel files)
  • .xlsm (Excel files with executable content)
  • .exe
  • .zip and .rar

However, other file types can also be dangerous. Always ask yourself: Am I expecting an email with this attachment from this sender?

"Nothing will happen, just have a look..."

Click here!

How can I protect myself?

Be wary of any email that calls for urgent action on your part - for example, a request to change your password.

"I didn’t order any package!" - Phishing links may also be disguised as package notifications. Delete such emails if you're not expecting a package, or if you were expecting one from a different mail courier.

Examine the URL closely:

Hover over the link (without clicking) to see the actual URL in the bottom corner of your browser or email client. Look for spelling mistakes or unusual characters that could indicate a fake, phishing-related website.

Be cautious of shortened links:

Shortened URLs (like bit.ly, t1p.de, or goo.gl) obscure the real destination and are frequently used by phishers.

You might also consider using this pro tip.

Frequently asked questions (FAQ)

We are currently seeing an increase in malicious emails. Although our systems block over 90% of these emails, please be aware that 100% protection is technically impossible. Our security measures are continuously adapting to the current threat landscape.

We recommend that you promptly delete suspicious emails. Alternatively, you can mark these emails as spam or junk by right-clicking on them. This will automatically isolate the messages by moving them to the internal Outlook junk email folder.

You are encouraged to report suspicious emails to postmaster-PleaseRemoveIncludingDashes-@uni-flensburg.de. Your reports will be used for analysis and may help us adjust our security systems so that they can detect and combat potential threats early on.

Please change your password immediately. You can find instructions for changing your password on the Access data page. Report the incident promptly to ZIMT Service so that protective measures can be taken as soon as possible.

Downloads

Want to learn more? Here's further reading material. . .