• Zur Metanavigation
  • Zur Hauptnavigation
  • Zur Suche
  • Zum Inhalt
  • Zur Subnavigation
  • Zum Seitenfuss
  • Universität Hamburg
  • For journalists
  • Staff Service Portal0
  • STiNE
https://www.kus.uni-hamburg.de/aktuelles.json?recentnews=true
  • Institutions and target groups
    • Einrichtungen
      • Faculties

        • Faculty of Law
        • Faculty of Business, Economics and Social Sciences
        • Faculty of Medicine
        • Faculty of Education
        • Faculty of Humanities
        • Faculty of Mathematics, Informatics and Natural Sciences
        • Faculty of Psychology and Human Movement Science
        • Faculty of Business Administration
      • Services

        • Study Information Net STiNE
        • Surfmail
        • Exchange
        • Staff Service Portal
        • Learning Platforms
        • Katalogplus – Catalogue of Hamburg Libraries
        • SharePoint
      • Student facilities and services

        • Campus Center
        • Career Center
        • PIASTA
        • AStA (student council)
        • University Sports
        • University Music
        • Family Office
        • University Language Center
        • General Languages
        • Office of Affairs for Students with Disabilities or Chronic Diseases
        • Departmental libraries
      • Further facilities and services

        • The Cluster of Excellence CLICCS
        • The Cluster of Excellence CUI
        • The Cluster of Excellence Quantum Universe
        • The Cluster of Excellence Understanding Written Artefacts
        • Hamburg Research Academy
        • Pier Plus
        • Hamburg Center for University Teaching and Learning (HUL)
        • Center for Interdisciplinary Studies and Academic Skills
        • Center for Earth System Research and Sustainability
        • Museums and collections
        • University Archives (in German)
        • All academic institutions
        • Regional Computing Center (RRZ)
        • University Administration
        • The Unikontor Shop (in German)
    • Target groups

      • Prospective students
      • Students
      • International prospective students
      • Young researchers
      • Researchers
      • Staff
      • Prospective continuing education students
      • Alumni
      • Journalists
      • Refugees (in German only)
    Close
  • Language
    • English
    • Deutsch
  • /en/newsroom/sitemap.json
Universität Hamburg - der Forschung, der Lehre, der Bildung, zur Homepage
Newsroom
Newsroom
  • Newsroom
  • Press releases
  • Social media
  • Videos
  • Events
  • 19neunzehn
  1. UHH
  2. Newsroom
  3. Internal
  4. 2023
  5. Phishing wave

Phishing Attacks Becoming More Frequent: How University Members Can Protect Themselves

17 January 2023, by Online Services

Symbolic image of a cyber attack and red warning symbol

Photo: pixabay/Elchinator

Recently, universities have become popular targets for hackers. At the beginning of the year, Universität Hamburg was also confronted with a new wave of phishing mails. University members need to be especially vigilant. The most important questions and answers for staff

What is phishing?

Phishing efforts primarily take place via email. For example, a realistic-sounding mail urges the receiver to click on a link sent by someone the receiver allegedly knows or trusts. This link usually leads to a convincing phishing page and requests your username and password. The data is then gathered and used to take over accounts.

Often, the emails have an attachment—preferably in an Office format such as Word or Excel. Opening these installs malware that is also used to gather login data and can lead to the theft of saved files.

All staff members of Universität Hamburg, from students and teaching staff to administrative employees, are targets. Thus, we all need to be vigilant to minimize such attacks in the long term. Phishing mails are not the only problem: beware of text messages, WhatsApp, etc. and phony phone calls.

How do I recognize phishing?

In many cases, mails are recognized as spam and marked accordingly in the subject line. Phishing mails, however, are becoming more and more professional, making them hard to detect at first glance.

Often, the mails come from compromised email addresses because the affected accounts often use University-wide circulars (e.g., the Executive University board circular on the current semester), which, in further phishing campaigns, can lend greater credibility. Highly valuable and/or administrative login data may then be accessed. If messages are sent from an already-compromised mail account, they will not be marked as spam in the subject line and they may even refer to earlier correspondence.

What phishing efforts do we currently know about?

At the moment, we are dealing primarily with emails that appear to come from individual memers of University institutions, including for example the Welcome Service and the Executive University Board. The mails contain several fake links to a letter from the president and to the corona FAQs as well as a fake copy of the login page of Outlook Web Access (OWA) from Microsoft Exchange. Do not provide your login details!

Another classic ploy is a notification that the Outlook inbox is full and urging recipients to click on a link to remedy the problem.

How can I protect myself?

The most important thing is to remain vigilant when handling emails, text messages, or phone calls! Almost everyone will have to deal at some point or other with these kinds of attacks. Be especially wary if you are asked to act immediately.

Check the sender address

Therefore, carefully read your emails and check the sender address.

It is helpful when the mail has a digital signature—for example, see the recent information mails from the University Administration and from other University institutions. In Outlook, this is the red seal symbol. If you click on this, you will find more information about the signature and its validity. This allows you to determine if the mail is trustworthy or not.

Tip: Contact the Regional Computing Center to find out about personal certificates enabling your to create digital signatures. You can use this signature for greater security (in German).

Check links

Links should also always be checked. Via “mouseover,” which means skimming your mouse over the link without clicking on the link, you can see where the link leads to. The most important thing here is the first part of the address provided. Even if “uni-hamburg” is part of a long link, always look at the beginning of the link address. “uni-hamburg” must come before the first single slash ( / ).

Correct: https://www.kus.uni-hamburg.de/de.html

Incorrect: hxxps://mialhamidiyyahpancur[.]sch.id/hh/hh/hh/webmail.chemie.uni-hamburg.de.html

Therefore, always look for the first single slash in the address: this will lead you onto the right path!

As a general rule, before typing in your uni username and your password on a web page, check the address line in the internet browser to see if it’s really a University page—for example, to use a University service or mail program.

Investigate further and do not reveal passwords!

If you receive spam or suspicious emails, do not under any circumstance click on attachments or links—simply delete the mail. If you are uncertain, ask the sender via telephone or zoom if they really sent the mail.

Phone calls can also be a means for deception. Here, too, you must be vigilant—never provide access data or passwords via telephone. Nobody, not even the Regional Computing Center, will ask you to provide passwords via telephone.

How do I know if I have been the victim of a phishing attack?

There may be several clues. For example, if colleagues ask you about spam mails sent from your account. If strange activities at your user account have been registered—for example, an unusually high number of mails sent—it will be blocked administratively. You can then no longer log in with your access data.

What should I do if I have been the victim of a phishing attack?

The most important thing is to change your password immediately via user administration. This is the only way to change passwords. If personal data is being stolen, the data protection officer and the Legal Unit also need to be involved. If you have questions, contact the Regional Computing Center service line.

And most importantly: don’t be ashamed. The attacks are now frequently highly professional. One wrong click may be all it takes. You are the victim and are in no way at fault.

  • See the pages of the Regional Computing Center for more information

Latest articles

Das Hauptgebäude der Universtität Hamburg.

Photo: UHH/Schell

03.02.2023|Internal
FAQ on the coronavirus and its impact on Universität Hamburg
Do we still have to wear masks? And can staff continue to work from home? You can find the answers to the most important questions on the coronavirus pandemic in the FAQ, which is regularly updated. [Last update: 3 February 2023, 10:41 AM]
Das Hauptgebäude der Universität Hamburg.

Photo: UHH/Schell

01.02.2023|Internal
Impact of the coronavirus pandemic on staff
The most important questions and answers for staff.

Last update: 1 February 2023

  • Feedback
  • Legal notice
  • Privacy statement
  • Accessibility
  • Site map
  • facebook
  • twitter
  • instagram
  • youtube
  • lecture2go
  • lecture2go
  • lecture2go
  • Academic affairs
  • Research
  • International affairs
  • University
  • Faculties
  • Apps
  • Campus Navigator
  • Jobs
  • University elections
  • Site map
  • Continuing studies
  • Index A to Z
  • Note on accessibility
  • Prospective students
  • Students
  • International prospective students
  • Young researchers
  • Researchers
  • Staff
  • Prospective continuing education students
  • Alumni
  • Journalists
  • Refugees
  • Address
  • Map and directions

© 2023 Universität Hamburg. All rights reserved

audit familiengerechte hochschule
Audit
HRK-Audit
System accreditation
83
OBVZu9