© Lisa Schöne

RECOGNIZE, PROTECT, REACT to Information Security

Information security is a joint task of all employees, students and members of the University of Münster. See-Protect-React represents a three-step process of competencies designed to make information security more accessible in your daily work.

The See section provides information on potential threats, attackers' approaches, and the value of your information.

The Protect section provides you with concrete action instructions, step-by-step guides, and useful tips for implementing a secure way of working in your everyday workplace.

In the React section, you will find clues on how to recognize a security-critical incident, what to do in such a case, and who to contact immediately.

Checklists

Use our IT Security Checklist to implement the necessary IT security measures at your workplace step by step.

Use our Checklist: How to Detect Scam Emails to identify and protect yourself against phishing and other harmful emails.

Also, use our Emergency Card to ensure that if you can no longer access the Internet, you can still reach your responsible contacts.

Note on unauthorized e-mail apps

A number of apps and programs are not permitted to retrieve emails from the University Münster mailboxes (both via Exchange and IMAP or POP).

The list currently includes the following applications:

  • Outlook-App for Android and iOS
  • Outlook for MacOS (when using IMAP with CloudSync)
  • The "new Outlook" or "Outlook (new)" (the Outlook version pre-installed under Windows 11)
  • Edison Mail
  • Newton Mail
  • Spark Mail
  • BlueMail
  • Xiaomi Mail/MiMail
  • Canary Mail
  • myMail
  • Mail.ru
Email apps that use (cloud-based) AI functions to read and analyse emails are also prohibited.

Click here for the full note

Warning about current phishing e-mails

An increased number of phishing emails are currently being sent to members of the University of Münster. 

E-mails are being sent with varying sender addresses, sometimes even fake University of Münster email addresses or email addresses from other universities. Often, the IT support or supervisors are impersonated. So far, the following subjects have been observed:

  • Achtung: IT-technischer Support
  • Handlung erforderlich: E-Mail-Konto verifizieren
  • Mandatory Action Required, 8 pending messages that need review
  • Wichtige Kursänderung!
  • Zeitkritisch
Different false pretenses are being used to lure recipients to a website controlled by the attackers, which collects the entered login credentials. Primarily, updates or verifications for the mailbox are mentioned, but also alleged updates on courses or time-critical tasks have been observed.

Warning about current phishing e-mails

An increased number of phishing emails are currently being sent to members of the University of Münster. 

These emails pretend to be from the "IT Servicedesk" or "IT Support" with varying sender addresses, including some that appear to be legitimate University of Münster email addresses. So far, the following subjects have been observed:

  • AW: Help Desk
  • RE: IT-Servicedesk-Support
  • RE: Ticket #89585 IT-Servicedesk.
The emails claim that a migration or update of the Outlook mailbox is necessary and that recipients need to verify themselves using their login credentials. This is just a pretext to lure recipients to an external website controlled by the attackers, which collects the entered login credentials.