The most important thing is to remain vigilant when handling emails, text messages, or phone calls! Almost everyone will have to deal at some point or other with these kinds of attacks. Be especially wary if you are asked to act immediately.
Check the sender address
Therefore, carefully read your emails and check the sender address.
It is helpful when the mail has a digital signature—for example, see the recent information mails from the University Administration and from other University institutions. In Outlook, this is the red seal symbol. If you click on this, you will find more information about the signature and its validity. This allows you to determine if the mail is trustworthy or not.
Tip: Contact the Regional Computing Center to find out about personal certificates enabling your to create digital signatures. You can use this signature for greater security (in German).
Links should also always be checked. Via “mouseover,” which means skimming your mouse over the link without clicking on the link, you can see where the link leads to. The most important thing here is the first part of the address provided. Even if “uni-hamburg” is part of a long link, always look at the beginning of the link address. “uni-hamburg” must come before the first single slash ( / ).
Therefore, always look for the first single slash in the address: this will lead you onto the right path!
As a general rule, before typing in your uni username and your password on a web page, check the address line in the internet browser to see if it’s really a University page—for example, to use a University service or mail program.
Investigate further and do not reveal passwords!
If you receive spam or suspicious emails, do not under any circumstance click on attachments or links—simply delete the mail. If you are uncertain, ask the sender via telephone or zoom if they really sent the mail.
Phone calls can also be a means for deception. Here, too, you must be vigilant—never provide access data or passwords via telephone. Nobody, not even the Regional Computing Center, will ask you to provide passwords via telephone.