|
Size: 7019
Comment:
|
← Revision 74 as of 2021-02-02 16:02:44 ⇥
Size: 3824
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 2: | Line 2: |
| * Latest phising emails. * Please: * ignore or best delete, such email, * feel free to append received phishing mails here, * attention: remove any URLs from the text before saving. |
== I received a phishing mail: What to do? == * Delete it. |
| Line 8: | Line 5: |
| <<TableOfContents>> | == I received a mail and I'm unsure if it is a phishing mail == * Check our IT news: https://math.uzh.ch/li - we're publishing phishing mails there, as soon as we're aware of it. * Thinlinc: upper right corner you find our IT News channel. Blinking means there are new messages: right click on it to see the headlines, left click opens the channel in a browser. {{attachment:news.png}} * Announcements starting with '[Phishing] ...' means: '''this is a phishing mail, delete it'''. |
| Line 10: | Line 10: |
| * Move the mouse over any given URL. Is the URL in the mail and the real URL (shown in the lower left corner) identical? Yes: that's a good sign. * Do you know the URL? Yes: good sign (be very picky with comparing the URL). * Best is '''not''' to click on any URL in the mail. Instead use your bookmarks or type the URL manually - but not the one from the email! Use google to search for the correct website. |
|
| Line 11: | Line 14: |
| == Subject: Re: FORMULAIRE AVERTISSEMENT WEBMAIL == * Date: 3.12.14 * Sender: Patricia.Wilson@halifax.org {{{ Your email account storage limit has exceeded. You won't be able to receive or send a message. To restore your account please click here: http://internetmessage.poseer... |
* If you found nothing suspicious but you're still unsure: forward the mail to support@math.uzh.ch and ask us if it is reliable or a phishing mail. |
| Line 16: | Line 16: |
| and submit your webmail required information. | == What is a phishing mail? == An attacker tries to get your username/password by providing a website with a login box. Such a site will save your credentials. They often look identical to known websites. |
| Line 18: | Line 19: |
| == What happens if I provided my credentials to a phishing site? == * Thousands of people will receive spam, cause your credentials will be misused to send spam. You're '''reponsible''' for this! * The UZH will be marked as 'spammer' - UZH mail will be marked as potential spam or the receiving of UZH mail is completely '''denied'''. * After submitting your credentials, it takes only a few minutes until the SPAM sending process starts. * If you realize something went wrong - [[https://www.math.uzh.ch/li/index.php?id=newpw|change your I-MATH password immediately]] and [[mailto:support@math.uzh.ch|contact us]]. |
|
| Line 19: | Line 25: |
| Thank you. IT Security Service Office 2014 |
== I can't open my mails anymore == * If we're seeing too much traffic on an account, we lock the account. This is the only way to securely stop sending further mail by the spammer. * We won't contact you: because you won't be able to read our mail anymore. '''You have to contact us''' (by your private email or via chat https://hello.math.uzh.ch). |
| Line 22: | Line 29: |
| }}} | == How can I distinguish fake and reliable mail? == * Does the email ask me to log in somewhere? * Did I request the action described in the email? |
| Line 24: | Line 33: |
| == Subject: Re: FORMULAIRE AVERTISSEMENT WEBMAIL == * Date: 2.12.14 * Sender: syzheng@ipm.edu.mo {{{ Un virus cheval de Troie ont été détectés dans votre compte webmail et vous demander de vérifier votre compte e-mail dans les 24 heures. Cliquez sur le lien ci-dessous pour valider votre compte webmail. |
== 'Do not trust any email' means ... == * Do not trust any '''email address'''. * Do not trust any '''content''' - see below 'Personalized...'. |
| Line 29: | Line 37: |
| Cliquez ici: | == Personalized by Big Data == * An attacker starts some 'big data' algorithm which reads a hacked email inbox, the collected email adresses (auto adressbook) and correlates that with other information like hacked email accounts, computer (incl. PDF, word or excel files saved on the computer) or general public available information. * A personalized email is built automatically and fits perfectly to '''your''' current situation, but it's still a fake. |
| Line 31: | Line 41: |
| Ne pas le faire immédiatement rendre votre adresse e-mail désactivé à partir de notre base de données. Mise à jour Équipe Webmail Virus. }}} |
== Personalized by human == * With the hacked collected information and some creativity: no limits. |
| Line 35: | Line 44: |
| == Subject: Warnung == * Date: 29.11.14 * Sender: support@math.uzh.ch {{{ Sehr geehrter Nutzer, |
== Should I stop using email? == * No - Email is by far the most accepted electronic way to communicate - keep it. * Just be aware that an email behaves like a postcard: everyone can write it, with any sender address, with any information. |
| Line 40: | Line 48: |
| Sie werden darauf hingewiesen, dass Ihr Institut für Mathematik Postfach hat seine Reihe Quote erreicht, sind Sie auf den Link unten an deine E-Mail-Konto zu überprüfen, um die Deaktivierung zu vermeiden folgen. | == Are there alternatives to email? == Yes: use a service which guarantees the identity of a sender. |
| Line 42: | Line 51: |
| Beachten Sie, füllen Sie Ihre Password im Keyword Raum. http://ow.... Danke. Urheberrecht © 2014 Institut für Mathematik. Alle Rechte vorbehalten. }}} == Subject: Your receipt No.145086263563 == * Date: 24.11.14 * Sender: online@securityupdate.com {{{ You've bought a program "TomTom" from the Apple Store. It may take a few moments for this transaction to appear in your account. If you have not authorized this charge, log in as soon as possible to cancel the payment! Apple Store Transaction Cancellation Form When the payment will be canceled you will get a full refund. Apple Store Sweden As informações contidas nesta mensagem são confidenciais e protegidas pelo sigilo legal. A divulgação, distribuição ou reprodução deste documento depende da autorização do emissor. Caso V. Sa. não seja o destinatário ou preposto, fica, desde já, notificado que qualquer divulgação, distribuição ou reprodução é estritamente proibida, sujeitando-se o infrator às sanções legais. Caso esta comunicação tenha sido recebida por engano, favor avisar o emissor imediatamente. Grato pela cooperação. -------------------- (English Version) -------------------- The information contained in this message is strictly confidential. If you are not the intended recipient of this message or an agent responsible for delivering it to the intended recipient, you are hereby notified that you have received this communication in error, and that any dissemination, distribution, retention or copying of this communication is strictly prohibited. If that be the case, please reply and notify the sender. }}} == Subject: Confermi la sua webmail == * Date: 6.11.14 * Sender: helpdesk@math.uzh.ch {{{ Gentile utente UZH webmail Hai superato il limite di 23432 archiviazione della cassetta postale impostata dal WEBMAIL / amministratore, e sarete che ha problemi in invio e la ricezione di posta elettronica fino a ri-Convalida. Per evitare questo, si prega di cliccare sul link sottostante per reimpostare il tuo account. http://postservedochelpde.va... Il mancato rispetto di questa, si tradurrà in un accesso limitato alla propria casella postale Warning Grazie per aver scelto i nostri servizi UZH Webmail Saluti, UZH Webmail Servizi di Verifica Supporto | Institut für Mathematik © 2014 }}} == Subject: [cloud] Technical Support == * Date: 24.9.14 * Sender: Admin@admin.com {{{ Dear Web-mail User, Your Mailbox has reached your limit quota, You might not be able to send or get updates until you re-validate your mailbox. To re-validate your mailbox reply to this mail and fill your. {user-name : {Password : {Confirm Password : Technical Support 10.92.79.41.82 }}} == Subject: WEBMAIL UPDATE. == * Date: 18.9.2014 * Sender: WEBMAIL MAIL <webch@inbox.lv> {{{ Liebe Webmail-Nutzer, Ihr Postfach hat die Speicherbegrenzung, die 20 GB als vom Administrator festgelegte ist überschritten, Sie laufen auf 33,6 GB, bitte erneut authentifizieren Ihres Postfachs klicken Sie oder kopieren Sie den unten stehenden Link: http://webhelperz.wix.c... Warnung: Fehler beim Posteingang neu festlegen gerendert werden e-aktive aus unserer Datenbank. System-Management-Team, © Copyright 2014 }}} == Subject: University of Zurich(UZH) == * Date: 16.9.2014 * Sender: uzh-helpdesk@uzh.ch {{{ University of Zurich(UZH) Your mailbox has exceeded the set quota limit due to hidden files. You may not be able to send or receive new mails effect from on the 30th of September 2014, until you upgrade/increase your quota limit. To increase your quota limit, click the following link below and input the required details to validate your mailbox. You can copy the link into your browser if you cannot click on it. * http://mscarmallapointe50.... Failure to increase your quota limit as advised may result to loss of important information on your mailbox or cause restricted access on login. Thank you for your co-operation. UZH Technical Support Team Warning Code: ID67565434. Rämistrasse 71 CH-8006 Zürich Phone +41 44 634 11 11 / Fax +41 44 634 49 01 © University of Zurich }}} == Subject: Lieber E-Mail-Benutzer. == * Date: 2.7.14 * Sender: Zoja Katsajeva {{{ Lieber E-Mail-Benutzer, Es ist Zeit, Ihre E-Mail Services Konto zu erneuern. Ihre E-Mail-Konto wird in 24 Stunden am 3. Juli 2014. Bitte aktualisieren Sie Ihre E-Mail durch Hier klicken: Wenn die E-Mail abläuft, haben Sie keinen Zugriff mehr auf Ihre Dienste Account. Copyright © 2014. Alle Rechte vorbehalten. Online-Service-Team. }}} == Subject: E-mail Alert == * Date: 22.5.2014 * Sender: marshalled {{{ Sehr geehrter Nutzer, Bitte bestätigen Sie Ihre Konto. Um diese Aktion durchzuführen HIER KLICKEN Danke. Help Desk Universität Zürich ------------------ Dear User, Please validate your account. To perform this action CLICK HERE Thank you. Help Desk University of Zurich }}} == Subject: Account Update == * Date: 19.5.2014 * Sender: mrseva cheng {{{ We are currently updating our database and all email accounts need to be updated,uzh.ch webmail service will be upgrading to the latest 2014 anti-virus/anti-spam version.You are required to Update your account withing the next 72 hours so that your account can be updated or have your account suspended. CLICK MY ACCOUNT to update. Thank You. uzh.ch Webmail Admin. Copyright 2014©. }}} |
* Signed email: this is not commonly used but possible. We do not support those. * I-MATH members: use https://hello.math.uzh.ch - this is our secure chat server. * Decide on your own to use messengers like Signal, Threema, Telegram, Wire, !WhatsApp |
Phishing Emails
I received a phishing mail: What to do?
- Delete it.
I received a mail and I'm unsure if it is a phishing mail
Check our IT news: https://math.uzh.ch/li - we're publishing phishing mails there, as soon as we're aware of it.
Thinlinc: upper right corner you find our IT News channel. Blinking means there are new messages: right click on it to see the headlines, left click opens the channel in a browser.
Announcements starting with '[Phishing] ...' means: this is a phishing mail, delete it.
- Move the mouse over any given URL. Is the URL in the mail and the real URL (shown in the lower left corner) identical? Yes: that's a good sign.
- Do you know the URL? Yes: good sign (be very picky with comparing the URL).
Best is not to click on any URL in the mail. Instead use your bookmarks or type the URL manually - but not the one from the email! Use google to search for the correct website.
If you found nothing suspicious but you're still unsure: forward the mail to support@math.uzh.ch and ask us if it is reliable or a phishing mail.
What is a phishing mail?
An attacker tries to get your username/password by providing a website with a login box. Such a site will save your credentials. They often look identical to known websites.
What happens if I provided my credentials to a phishing site?
Thousands of people will receive spam, cause your credentials will be misused to send spam. You're reponsible for this!
The UZH will be marked as 'spammer' - UZH mail will be marked as potential spam or the receiving of UZH mail is completely denied.
- After submitting your credentials, it takes only a few minutes until the SPAM sending process starts.
If you realize something went wrong - change your I-MATH password immediately and contact us.
I can't open my mails anymore
- If we're seeing too much traffic on an account, we lock the account. This is the only way to securely stop sending further mail by the spammer.
We won't contact you: because you won't be able to read our mail anymore. You have to contact us (by your private email or via chat https://hello.math.uzh.ch).
How can I distinguish fake and reliable mail?
- Does the email ask me to log in somewhere?
- Did I request the action described in the email?
'Do not trust any email' means ...
Do not trust any email address.
Do not trust any content - see below 'Personalized...'.
Personalized by Big Data
- An attacker starts some 'big data' algorithm which reads a hacked email inbox, the collected email adresses (auto adressbook) and correlates that with other information like hacked email accounts, computer (incl. PDF, word or excel files saved on the computer) or general public available information.
A personalized email is built automatically and fits perfectly to your current situation, but it's still a fake.
Personalized by human
- With the hacked collected information and some creativity: no limits.
Should I stop using email?
- No - Email is by far the most accepted electronic way to communicate - keep it.
- Just be aware that an email behaves like a postcard: everyone can write it, with any sender address, with any information.
Are there alternatives to email?
Yes: use a service which guarantees the identity of a sender.
- Signed email: this is not commonly used but possible. We do not support those.
I-MATH members: use https://hello.math.uzh.ch - this is our secure chat server.
Decide on your own to use messengers like Signal, Threema, Telegram, Wire, WhatsApp