An increased amount of phishing e-mails is currently being sent to many members of the University of Münster. 

The observed e-mails have the subject "Routine für die Lohn- und Gehaltsabrechnung der Mitarbeiter" and come from an external address, mostly with the name "Simon László". Users are requested to check their salary payout ("Verdienstabrechnung") but are instead forwarded to an external website which is controlled by the attackers to harvest their credentials.

Do not open any links in the mentioned e-mails and do not reply to them. You no longer need to report this phishing e-mail to the CERT as appropriate measures have been initiated. Please delete it from your inbox.

If you have received such an e-mail and have entered your credentials on the linked website, please immediately change your password and contact the CERT (Computer Emergency Response Team) of the University of Münster: cert@uni-muenster.de

What is phishing?
Cyber attacks often begin with a phishing e-mail designed to gain sensitive information. They often look very similar to legitimate e-mails. Here you can find information on dangers, methods of distribution and criminal backgrounds. With our Checklist: How to detect scam e-mails, you can independently check whether an e-mail is a phishing using eight points.

General handling of suspicious e-mails at the University of Münster:
If you receive a suspicious e-mails relating to the University of Münster in the future (e.g. fake e-mail addresses using uni-muenster.de or wwu.de; links to login pages that imitate the corporate design of the University of Münster; identity theft of University employees etc.), please inform the CERT (Computer Emergency Response Team) of the University of Münster immediately. Please forward the suspicious e-mail as an attachment ("Forward as attachment" in Outlook or by using the key combination Ctrl + Alt + F) to spam@uni-muenster.de