Threats Posed by emails

Image: pepsprog / pixelio.de

Time and again, "malicious emails" are sent to university email inboxes. Such messages may contain malware or ask you to disclose sensitive data.

Awareness

An email is not trustworthy if it is unsigned.

Vigilance

Use your common sense and scrutinise suspicious emails!

Safety

Always keep all programmes up to date!

Personalised emails

A particular type of malicious emails has been in circulation for some time. These rely on personalising the emails using publicly accessible contact details, tempting the recipient to throw caution to the wind. The same recommendations apply to these emails as to any other type of malicious emails: delete them!

Further details can be found in this Heise article [de]

Recognise malicious emails

You may be able to recognise malicious emails based on characteristics from the following (incomplete) list:

  1. cryptic character combinations in the email address
  2. the sender's name and email address do not match
  3. several spelling and phrasing errors
  4. salutations and farewells differ from the rest of the communication
  5. file attachments with double file extensions (see: .pdf.exe)
  6. requests to enter data on external websites

As the details of the email sender can be chosen freely, it may initially seem that the email has come from a person or organisation you know. Therefore, always be critical and scrutinise the intentions of the email and its sender. The University Computer Centre only sends signed emails [de].

Important: delete the email immediately!

Delete suspicious messages immediately!

Never click on any of the web links in the email text!

Do not download any file attachments from the email!

Once again: Delete the suspicious message immediately!

Emails with malware

There are always emails with links to malware or malware attachments making the rounds. Such software can contain viruses, Trojans or ransomware. The latter can pose a particular danger as it encrypts the data on the hard drive and only releases the required key in return for a ransom. 

To avoid unpleasant consequences, we would like to suggest you follow these behavioural guidelines: 

  • Always be sceptical of unexpected emails concerning invoices, job applications or letters from lawyers.
  • Do not click on any links that refer to dubious websites. These can also be Dropbox links. Be generally sceptical in this regard.
  • Do not open any email attachments with the endings "*.exe", "*.msi", "*.bat"(e.g. " application.pdf.exe") and also be careful with zip or rar archives. This also applies to attachments from known senders. This information can be manipulated in an email. For this reason, employees of the University Computer Centre use certificates as proof of identity.
  • If you receive emails with questionable content from senders you know, contact the sender and/or inform them that emails are being sent in their name.
  • If you receive Office attachments, open them in isolated viewers (e.g. online Office viewer) of the browser. These initially deactivate the execution of macros, which can activate or install malware through additional source code. In general, make sure to use the "block macros" setting in Office so that they are only activated when required.
  • Make sure that you have installed and are running up-to-date antivirus software. Our university recommends Sophos, which can be downloaded at no extra cost.
  • Use the central file servers of the University Computer Centre to store your data. Automatic snapshots and backups are created there, allowing you to restore your data very quickly and easily in the event of damage.
  • Carry out regular security updates for your software, including browser plug-ins (Java, Flash etc.). This also applies to Mac and Linux.

Phishing emails

Emails are constantly being circulated which seem to have been sent by the University of Greifswald. These emails contain links and a request to confirm your login details (i.e. username and password).

We urge you not to respond to these emails.

In general, please note the following: The University or the University Computer Centre will never ask you to hand over or confirm your login information.

By the way

Phishing is not SPAM! Phishing emails are targeted attacks on users and are not sent in bulk worldwide. Therefore, spam protection mechanisms are generally not effective here. The University Computer Centre endeavours to place individual filters for phishing messages as quickly as possible.

Information on the internet

You can find further information on threats posed by emails on the internet under the following links: