An increased amount of phishing e-mails is currently being sent to many members of the University of Münster. 

The e-mails have the subject "Sie haben zwei wichtige Nachrichten von der Universität Münster erhalten, die nicht zugestellt werden konnten Aufgrund einer Systemstörung." and claim that some messages could not be delivered due to an error and therefore a "recovery" is necessary. The sender is pretended to be “UNIVERSITÄT MÜNSTER-KONTAKT” with an internal sender address. However, the link leads to an external website that is under the control of the attackers and forwards the login data to the originator. The real login website of the University of Münster was recreated in every detail.

An increased amount of phishing e-mails is currently being sent to many members of the University of Münster. 

Those emails were sent from different external addresses and give the impression that the mailbox storage space is full and action is necessary. Different German titles could be observed, such as "Sie nutzen derzeit 100% Ihrer gesamten Speicherkapazität. Bitte geben Sie sofort Speicherplatz frei.", "Sie haben 100% Ihres Speicherplatzlimits erreicht. Es sind Maßnahmen erforderlich, um Probleme zu vermeiden." or "Bitte archivieren oder löschen Sie die Dateien. Ihre Dateien.". The emails contain links that redirect to a website that deceptively replicates the login interface of the University of Münster, but is controlled by criminals.

An increased amount of phishing e-mails is currently being sent to many members of the University of Münster. 

The observed e-mails have the subject "Routine für die Lohn- und Gehaltsabrechnung der Mitarbeiter" and come from an external address, mostly with the name "Simon László". Users are requested to check their salary payout ("Verdienstabrechnung") but are instead forwarded to an external website which is controlled by the attackers to harvest their credentials.

An increased amount of phishing e-mails is currently being sent to many members of the University of Münster. 

The phishing e-mails are sent with the subject "Bitte beachten Sie, dass Sie eine ausstehende Nachricht zu Ihrem Gehaltsabrechnungskalender für Februar haben" and use the fake sender "Helpdesk - University of Münster" with a sender address of the University of Düsseldorf.  The content asks you to check supposed "messages" relating to payroll accounting and contains a link to an external website that is a deceptively genuine replica of the IT portal login page.

An increased amount of phishing e-mails is currently being sent to many members of the University of Münster. 

The observed e-mails have the subject "Re: Routine für die Lohn- und Gehaltsabrechnung der Mitarbeiter" and pretend to be from a "Margarita Hernandez" from the "Abteilung für Lohn- und Gehaltsrechnung" (payroll/salary department). Users are requested to check their salary payout but are instead forwarded to an external website which is controlled by the attackers to harvest their credentials.

An increased amount of phishing e-mails is currently being sent to many members of the University of Münster. 

The phishing e-mails are sent out with the subject "Die Universität Münster hat Ihnen einen wichtigen Bescheid geschickt" and use the fake sender "Die Universität Münster-Portal". Various sender addresses have been observed, some from other universities. The content requests the accessing of supposed "Bescheiden" and contains a link to an external website that deceptively imitates the IT portal login.