location: email » phishing

Institute of Mathematics - PublicMathWiki:

Phishing Emails

I received a phishing mail: What to do?

  • Delete it.

I received a mail and I'm unsure if it is a phishing mail

  • Check our IT news: https://math.uzh.ch/li - we're publishing phishing mails there, as soon as we're aware of it.

    • Thinlinc: upper right corner you find our IT News channel. Blinking means there are new messages: right click on it to see the headlines, left click opens the channel in a browser. news.png

    • Announcements starting with '[Phishing] ...' means: this is a phishing mail, delete it.

  • Move the mouse over any given URL. Is the URL in the mail and the real URL (shown in the lower left corner) identical? Yes: that's a good sign.
  • Do you know the URL? Yes: good sign (be very picky with comparing the URL).
  • Best is not to click on any URL in the mail. Instead use your bookmarks or type the URL manually - but not the one from the email! Use google to search for the correct website.

  • If you found nothing suspicious but you're still unsure: forward the mail to support@math.uzh.ch and ask us if it is reliable or a phishing mail.

What is a phishing mail?

An attacker tries to get your username/password by providing a website with a login box. Such a site will save your credentials. They often look identical to known websites.

What happens if I provided my credentials to a phishing site?

  • Thousands of people will receive spam, cause your credentials will be misused to send spam. You're reponsible for this!

  • The UZH will be marked as 'spammer' - UZH mail will be marked as potential spam or the receiving of UZH mail is completely denied.

  • After submitting your credentials, it takes only a few minutes until the SPAM sending process starts.
  • If you realize something went wrong - change your I-MATH password immediately and contact us.

I can't open my mails anymore

  • If we're seeing too much traffic on an account, we lock the account. This is the only way to securely stop sending further mail by the spammer.
  • We won't contact you: because you won't be able to read our mail anymore. You have to contact us (by your private email or via chat https://hello.math.uzh.ch).

How can I distinguish fake and reliable mail?

  • Does the email ask me to log in somewhere?
  • Did I request the action described in the email?

'Do not trust any email' means ...

  • Do not trust any email address.

  • Do not trust any content - see below 'Personalized...'.

Personalized by Big Data

  • An attacker starts some 'big data' algorithm which reads a hacked email inbox, the collected email adresses (auto adressbook) and correlates that with other information like hacked email accounts, computer (incl. PDF, word or excel files saved on the computer) or general public available information.
  • A personalized email is built automatically and fits perfectly to your current situation, but it's still a fake.

Personalized by human

  • With the hacked collected information and some creativity: no limits.

Should I stop using email?

  • No - Email is by far the most accepted electronic way to communicate - keep it.
  • Just be aware that an email behaves like a postcard: everyone can write it, with any sender address, with any information.

Are there alternatives to email?

Yes: use a service which guarantees the identity of a sender.

  • Signed email: this is not commonly used but possible. We do not support those.
  • I-MATH members: use https://hello.math.uzh.ch - this is our secure chat server.

  • Decide on your own to use messengers like Signal, Threema, Telegram, Wire, WhatsApp

PublicMathWiki: email/phishing (last edited 2021-02-02 16:02:44 by eseide)