News

Click here and you win an IPhone!

...or lose all the data that is important to you! All of them! Really all! I swear!

But of course you can transfer 500€ to the Bitcoin account 3DvAjgoSfrtbbIST2repKEINdcKONTOcjJ73jLqm or buy Amazon vouchers and send me the codes. Then I won't delete your data (or maybe I will. I'll have to think about that).

Alternatively, I can offer you a commission for handling the transfer of 12 million euros to Swiss accounts. 5% is a fair offer, isn't it? All you have to do is send me your account details. I will manage everything. I am 100% trustworthy.

By the way, I work for Europol. That means I know where and with whom you live and what you like to do. You have been targeted by criminals who are after your savings. To secure your money, transfer it to the following account XY62 5485 0012 2214 2135 at the latest. Also, we have evidence that you were involved in an accident and hereby receive a summons to appear in court.

On the side, I work for a French law firm. They would like to inform you that a certain Francois Raimon has died at the age of 96. Investigations have shown that you are his only living relative, which is why you will become the heir to his 5 Paris apartments and his savings in the amount of 25 million euros.

I also managed to hack into your computer and record you "working" with the help of your camera. I filmed you doing yoga during "home office", petting your cat and reading the newspaper and will put these videos on your company's website. Unless you transfer me 5.000€ every month to the above mentioned account.

 

As absurd as these threats and promises seem to us when we read them here, unfortunately it often happens that people fall for them.

Unfortunately, with some emails that land in our upTudate inboxes, it is often far less obvious that they are phishing attempts. Take the below email.

Here, an actual TU Wien employee replies to an old email and attaches an attachment to the email, which can also be accessed via a link. In fact, however, this message comes from a completely different address. In this case from ....@amsaidurlovpur.in. The link is also not trustworthy. But in the hustle and bustle of everyday work, it's very easy to overlook this (and yes, it really can happen to anybody). Therefore, we must make it an absolute habit before opening an email to check the following:

  1. Does the sender address make sense?
  2. Does the content make sense and
  3. Can the attachment or any links be trusted?

When checking the sender address, it is important to note that these can be falsified. Therefore, be sure to check the content as well. If unnecessary pressure is created or if it is a reply to an e-mail that you sent some time ago, it is best to call the sender. If the email contains an attachment or link, do not open it. You can view links in emails in full by viewing all emails in plain text. By doing this, you won't see any images, but you will increase your security.

To do this, go to "Options" in the "File" tab. There, click on "Trust Center", go on to "Trust Center Settings" → "Email Security" and check "Read standard messages in plain text format".

How to check if a link is trustworthy, you will learn in this video (unfortunately it is available in german only):

youtube.com/watch?v=4xIU1lPJs_4, opens an external URL in a new window 

Please share this post with your colleagues. Especially those who are new to the TU Wien.

 

[Translate to English:] Phishing E-Mail