© Lisa Schöne

RECOGNIZE, PROTECT, REACT to Information Security

Information security is a joint task of all employees, students and members of the University of Münster. See-Protect-React represents a three-step process of competencies designed to make information security more accessible in your daily work.

The See section provides information on potential threats, attackers' approaches, and the value of your information.

The Protect section provides you with concrete action instructions, step-by-step guides, and useful tips for implementing a secure way of working in your everyday workplace.

In the React section, you will find clues on how to recognize a security-critical incident, what to do in such a case, and who to contact immediately.

Checklists

Use our IT Security Checklist to implement the necessary IT security measures at your workplace step by step.

Use our Checklist: How to Detect Scam Emails to identify and protect yourself against phishing and other harmful emails.

Also, use our Emergency Card to ensure that if you can no longer access the Internet, you can still reach your responsible contacts.

Warning about current phishing e-mails

An increased amount of phishing e-mails is currently being sent to many members of the University of Münster. 

The e-mails have the subject "Dringend: Aktualisierung Ihrer E-Mail-Informationen erforderlich", "Eilige Maßnahme erforderlich: Aktualisieren Sie Ihre E-Mail-Informationen" or "AW: Achtung Mitarbeiter und Angestellte," and claim that an update is necessary for the email service. The emails have been sent out from external email addresses with different names, e. g. "uni-muenster". The link leads to an external website that is under the control of the attackers and forwards the login data to the originator. The real login website of the University of Münster was recreated in every detail.

Warning about current phishing e-mails

An increased amount of phishing e-mails is currently being sent to many members of the University of Münster. 

The e-mails have the subject "Unser System hat am 11. Juni 2024 fünf fehlgeschlagene eingehende Nachrichten erkannt" and claim that some messages could not be delivered due to an error and therefore a "recovery" is necessary. The sender is pretended to be “IT_Support@uni-muenster.de” with an internal sender address. However, the link leads to an external website that is under the control of the attackers and forwards the login data to the originator. The real login website of the University of Münster was recreated in every detail.

Warning about current phishing e-mails

An increased amount of phishing e-mails is currently being sent to many members of the University of Münster. 

The observed e-mails have the subject "Re: Routineanwendung für Lohn- und Gehaltsabrechnungen" and come from an external address, mostly with the name "Awais Ahmed/Sales/Islamabad". Users are requested to check their salary payout ("Verdienstabrechnung") but are instead forwarded to an external website which is controlled by the attackers to harvest their credentials.