Warning against phishing/spam attack with reference to authentic-looking correspondence

Ulm University

Due to recent events we have to warn you urgently about a severe phishing & spam attack against members of the University of Ulm.

The emails are currently sent under the fake identity of university members. The content consists mostly of genuine-looking correspondence, e.g. on the subject of hygiene measures in the context of the COVID pandemic or similar. The goal of the attack is to trick the user into opening the attachment of the e-mail and thus, for example, inject malicious code into the university's systems.

How can you recognize these fake emails?

  • Check not only the sender's name, but also the email address for authenticity:
  • The contents of the e-mails currently refer to topics that are several months or years old (e.g. hygiene concepts in the context of the COVID pandemic or similar)
  • The content of the e-mails may not be directly related to your current work tasks.
  • The currently known e-mails have a file attachment in the format "[...].html".

What should you do if you receive such an e-mail?

  • Do not open any unknown external links or file attachments.
  • Do not enter any login data (username and password).
  • If you have already entered login data or opened an unknown attachment (e.g. in .html format), you must immediately change the corresponding password(s) and arrange for a virus scanner check. Please pay attention to any conspicuous behavior of your account/workstation computer.

Please refer to the general information on the secure handling of e-mails on the information security portal of the kiz.