Warning against a current phishing wave against members of the University of Ulm

Ulm University

Due to recent events we have to warn you urgently about a serious phishing attack against members of the University of Ulm.

The e-mails are currently being sent, for example, by "Uni-ulm WEB-INFO". The content of the email informs the recipient that their email password is supposedly expiring and needs to be renewed. A link leads the recipient to a fake homepage and fishes off entered access data. These can then be used for further attacks, for example.

How can you recognize these fake emails?

  • Check not only the sender's name, but also the e-mail address for authenticity:
  • The contents of the e-mails try to put pressure on the recipients in order to trigger an action (in this case, the disclosure of access data)

What should you do if you receive such an e-mail?

  • Do not open any unknown external links or file attachments.
  • Do not enter any login data (username and password).
  • If you have already entered login data or opened an unknown attachment (e.g. in .html format), you must immediately change the corresponding password(s) and arrange for a virus scanner check. Please pay attention to any suspicious behavior of your account/workstation. If you notice any suspicious behavior, please report it immediately to helpdesk(at) or cert(at)

Please refer to the general information on secure e-mail handling on the kiz information security portal.