Phishing Attack on RWTH E-Mail Accounts
On 29.01.2020, 1418 e-mails were sent to RWTH members as part of a phishing attack. A link to a fake RWTH login mask was distributed (compare picture above).
In the course of this attack, we would like to inform you about ways of checking the authenticity of a website for your protection:
Please check the URL of the website. Is it unobtrusive? Is the domain known? The correct domain of the RWTH mail app is for example "mail.rwth-aachen.de/owa/".
For RWTH applications that are authenticated via Shibboleth "RWTH Single Sign-On", the URLs start with the domain "sso.rwth-aachen.de".
Details of the certificate used can be obtained by clicking on the small lock in the URL bar of your browser.
In our documentation portal you will find illustrated instructions on how to check a website using the certificate. Please note that the procedure varies from browser to browser.
If you are still not sure whether a website is trustworthy, do not click on any links or enter any data. Please contact the IT-ServiceDesk immediately.