Beware of phishing emails

Unfortunately, malicious e-mails – also known as phishing mails – are occasionally sent to TUM e-mail addresses.

Here, you can learn how to tell the difference between malicious and authentic emails. To help you, we have put together the following information:

Terminology

Phishing is described as the act of attempting to steal someone's identity by acquiring sensitive user data through e-mails or short messages sent from bogus Internet addresses. The term derives from the word "fishing" in the sense of luring an unsuspecting person.

To protect you from such situations, we have assembled a list of tips and recommendations on how to deal with phishing mails.

Recognizing phishing mails

Caution is advised if the following criteria apply:

  • You are requested to provide data such as your user ID, password, account number, credit card number or TAN. 
  • The originator of the e-mail is frequently unknown. However, the originator can be bogus even though the sender's e-mail address appears to be valid (it-support@tum.de, for instance).
  • Links in phishing mails frequently direct you to web pages where you are asked to give personal information. Always check suspicious links by moving the mouse cursor over the link (do not click on it!). The status line (usually at the bottom of the window) displays the address that the link really leads to, which with most phishing mails will be different from the link displayed in the text.
  • If the text link and real address are identical, make absolutely sure that the link takes you to a page that you are familiar with. 
  • Some phishing mails ask you to respond by mail with personal access data. 
  • Look closely at how the e-mail is written. Grammatically incorrect and/or misspelled text, in combination with at least one of the aforementioned criteria, normally indicates a phishing mail.
  • Phishing e-mail originators often try to exert pressure on recipients. This can take different forms, such as time pressure, in which the originator demands a quick response and threatens unpleasant consequences otherwise, or authority-based pressure, such as contact by a lawyer, your bank, a system administrator or another person or organization that appears to be in a position of authority.
  • So-called spear phishing emails are becoming more common. These emails target specific people or groups. The originators expend much more effort to acquire information about their victims in order to address them in a more targeted fashion, and thus convince them to carry out the desired response (providing personal data, opening a malware attachment).
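
The link check described above (displayed text versus real address, then whether the real address is a familiar page) can also be run over the HTML body of a saved message. The following is an added example, not part of the original page; the list of familiar domains and the sample addresses are assumptions made up for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

FAMILIAR = ("tum.de",)  # assumption: domains the reader is familiar with
DOMAIN_RE = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def is_familiar(host):
    return any(host == d or host.endswith("." + d) for d in FAMILIAR)

def check_links(html):
    """Return (visible text, real target, finding) for each suspicious link."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for text, href in parser.links:
        try:
            real = urlsplit(href).hostname or ""
        except ValueError:  # malformed target, treat as unknown host
            real = ""
        shown = DOMAIN_RE.search(text)
        if shown and shown.group(1).lower() != real:
            findings.append((text, href, "text and target differ"))
        elif not is_familiar(real):
            findings.append((text, href, "target is not a familiar domain"))
    return findings

# Constructed sample body; all addresses are made up for this example.
SAMPLE = """<a href="http://mail-tum.example.net/login">https://mail.tum.de/login</a>
<a href="https://login.example.org/reset">Reset password</a>
<a href="https://www.tum.de/en/">www.tum.de</a>"""

if __name__ == "__main__":
    for finding in check_links(SAMPLE):
        print(finding)
```

A link that passes both checks is not thereby proven safe; the other criteria in the list still apply.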

Measures

If you suspect you have received a phishing e-mail, handle it as follows:

  • Never respond to a phishing mail and never provide your personal information.
  • When in doubt, members of TUM may forward the e-mail to it-support@tum.de. You will be informed as to whether or not it involves phishing.
    Please consider: this service is only for members of TUM! We also cannot support your private e-mail account.
  • Alternatively, if you are in a rush: we have put together a list of current phishing e-mails that you can research on your own. It goes without saying that we cannot list every phishing e-mail. However, should you discover correspondence similar to the e-mails listed here, that is a red flag indicating that the e-mail is probably fraudulent as well.
  • If you have already provided your data, immediately change the corresponding password. If you use the same password for other sites, change it for these systems as well!