Warning about current phishing e-mails

An increased amount of phishing e-mails is currently being sent to many members of the University of Münster. 

The e-mails have the subject "Dringend: Aktualisierung Ihrer E-Mail-Informationen erforderlich" or "AW: Achtung Mitarbeiter und Angestellte," and claim that an update is necessary for the email service. The emails have been sent out from external email addresses with different names, e. g. "uni-muenster". The link leads to an external website that is under the control of the attackers and forwards the login data to the originator. The real login website of the University of Münster was recreated in every detail.

Warning about current phishing e-mails

An increased amount of phishing e-mails is currently being sent to many members of the University of Münster. 

The e-mails have the subject "Unser System hat am 11. Juni 2024 fünf fehlgeschlagene eingehende Nachrichten erkannt" and claim that some messages could not be delivered due to an error and therefore a "recovery" is necessary. The sender is pretended to be “IT_Support@uni-muenster.de” with an internal sender address. However, the link leads to an external website that is under the control of the attackers and forwards the login data to the originator. The real login website of the University of Münster was recreated in every detail.

Warning about current phishing e-mails

An increased amount of phishing e-mails is currently being sent to many members of the University of Münster. 

The observed e-mails have the subject "Re: Routineanwendung für Lohn- und Gehaltsabrechnungen" and come from an external address, mostly with the name "Awais Ahmed/Sales/Islamabad". Users are requested to check their salary payout ("Verdienstabrechnung") but are instead forwarded to an external website which is controlled by the attackers to harvest their credentials.

Warning about current phishing e-mails

An increased amount of phishing e-mails is currently being sent to many members of the University of Münster. 

The e-mails have the subject "Sie haben zwei wichtige Nachrichten von der Universität Münster erhalten, die nicht zugestellt werden konnten Aufgrund einer Systemstörung." and claim that some messages could not be delivered due to an error and therefore a "recovery" is necessary. The sender is pretended to be “UNIVERSITÄT MÜNSTER-KONTAKT” with an internal sender address. However, the link leads to an external website that is under the control of the attackers and forwards the login data to the originator. The real login website of the University of Münster was recreated in every detail.

Warning about current phishing e-mails

An increased amount of phishing e-mails is currently being sent to many members of the University of Münster. 

Those emails were sent from different external addresses and give the impression that the mailbox storage space is full and action is necessary. Different German titles could be observed, such as "Sie nutzen derzeit 100% Ihrer gesamten Speicherkapazität. Bitte geben Sie sofort Speicherplatz frei.", "Sie haben 100% Ihres Speicherplatzlimits erreicht. Es sind Maßnahmen erforderlich, um Probleme zu vermeiden." or "Bitte archivieren oder löschen Sie die Dateien. Ihre Dateien.". The emails contain links that redirect to a website that deceptively replicates the login interface of the University of Münster, but is controlled by criminals.

Warning about current phishing e-mails

An increased amount of phishing e-mails is currently being sent to many members of the University of Münster. 

The observed e-mails have the subject "Routine für die Lohn- und Gehaltsabrechnung der Mitarbeiter" and come from an external address, mostly with the name "Simon László". Users are requested to check their salary payout ("Verdienstabrechnung") but are instead forwarded to an external website which is controlled by the attackers to harvest their credentials.

Warning about current phishing e-mails

An increased amount of phishing e-mails is currently being sent to many members of the University of Münster. 

The phishing e-mails are sent with the subject "Bitte beachten Sie, dass Sie eine ausstehende Nachricht zu Ihrem Gehaltsabrechnungskalender für Februar haben" and use the fake sender "Helpdesk - University of Münster" with a sender address of the University of Düsseldorf.  The content asks you to check supposed "messages" relating to payroll accounting and contains a link to an external website that is a deceptively genuine replica of the IT portal login page.

Warning about current phishing e-mails

An increased amount of phishing e-mails is currently being sent to many members of the University of Münster. 

The observed e-mails have the subject "Re: Routine für die Lohn- und Gehaltsabrechnung der Mitarbeiter" and pretend to be from a "Margarita Hernandez" from the "Abteilung für Lohn- und Gehaltsrechnung" (payroll/salary department). Users are requested to check their salary payout but are instead forwarded to an external website which is controlled by the attackers to harvest their credentials.

Warning about current phishing e-mails

An increased amount of phishing e-mails is currently being sent to many members of the University of Münster. 

The phishing e-mails are sent out with the subject "Die Universität Münster hat Ihnen einen wichtigen Bescheid geschickt" and use the fake sender "Die Universität Münster-Portal". Various sender addresses have been observed, some from other universities. The content requests the accessing of supposed "Bescheiden" and contains a link to an external website that deceptively imitates the IT portal login.

Warning about the software update for the new Outlook version in 2024

The new Outlook version will replace the pre-installed e-mail program in Windows in 2024, and later also the classic Outlook from the Office package. The new version synchronizes data with the Microsoft Cloud when using IMAP or POP (Exchange is not affected), which means that e-mail content and passwords are transmitted to Microsoft.