Unauthorised account access
Unfortunately, a number of e-mail programmes can now be classified as spyware. These currently include
- Outlook
(currently still excluded: Outlook in Office LTSC (campus licence)) - Edison Mail+
- E-Mail - Fast Mail
- bluemail
When setting up the e-mail account in these programmes, the URZ access data is requested and then transmitted to the providers. The entire mailbox is then copied to the provider and all e-mail traffic - including sending - is performed via the provider.
This constitutes a violation of § 6 para. 2 sentence 4 of the URZ regulations. In order to protect the university's IT infrastructure, the URZ monitors the e-mail log data with regard to this matter and takes appropriate measures.
What to do if you are affected?
If you are informed by the URZ that you are affected by this security problem, please carry out the following steps:
- Check whether you are using one of the above-mentioned e-mail programmes. Remove your university e-mail account from this e-mail programme.
- If you are definitely not using one of the above-mentioned e-mail programmes, check whether you are using an antivirus programme with VPN function (e.g. Norton Anti-Virus). Deactivate the use of VPN of the antivirus programme when retrieving emails.
- Change your password in the account management.
- Use an e-mail programme recommended by the URZ.