The Federal Office for the Protection of the Constitution is currently warning of a renewed wave of spear phishing attacks using e-mails against universities and research institutions in Germany.
These spear phishing e-mails contain links that lead to fake websites of the respective institution. The recipients are asked to enter their access data on the linked website.
After the recipient complies with this request and submits their access data on the fake page, they are then redirected to the official page of their institution's learning platform. Meanwhile, the attacker stores the personal access data in the background for later misuse.
The tricky part:
- In most cases, the sender of this e-mail is from a person at one's own or another university and thus appears to be particularly credible.
- The sender name corresponds to the name used in the email text and the contact details at the end of the email.
- In some cases, the attacker uses the recipient's network for further attacks (against other institutions).
Basically, the attacker seems to have an interest in using the spied-out system for a longer period of time.
In order to protect yourself from such an attack, it is particularly important to remain attentive and to adhere to the following recommended course of action:
- Check the sender email address and domain for plausibility.
- Watch out for emails with suspicious-sounding content or the language used.
- Avoid opening the links contained therein or entering your access data on websites with which you are unfamiliar.
- To raise awareness, also inform your colleagues inside and outside your own institution.
If you receive a spear phishing e-mail, please forward it as an attachment to the IT-ServiceDesk.