Warning Against Spear Phishing Attacks

 

The results of scientific work have always been stolen and used to the detriment of the originators. With the advent of information technology in all areas of research, new threats to the confidentiality of intellectual property arise.

Specific warnings reach RWTH and other universities from agencies such as the German Federal Office for Information Security (BSI), the German Federal Office for the Protection of the Constitution (BfV) and the German Research Network (DFN). Currently, there are warnings of so-called spear phishing attacks.

Attackers' approach

In spear phishing, the victim is spied on in advance. Only after the victim's research interests and research contacts are known, an e-mail is formulated in which the attackers mention, for example, their own publications in related research topics and express interest in the victim's topics. Such emails are then accompanied by links pointing to well-faked websites, e.g. library sites, self-service portals of the respective local institution, in order to obtain the corresponding passwords of the victim.

In order to detect such spear phishing emails, it is necessary to pay attention to security features:

• encryption of the website
• valid certificate of the website
• Checking the URL for inconspicuous modifications, e.g. ub.rwth-aachen-de.ua
• refraining from displaying HTML content in e-mails

Contact in case of suspicion

If you have any further questions or have even received a spear phishing e-mail, please contact Guido Bunsen or Jens Hektor. Of course, the IT-ServiceDesk is also available as a point of contact.