An increased number of phishing emails are currently being sent to members of the University of Münster. 

The emails have subjects like "Outlook Admin Team!", "AW: IKT-Servicedesk" or "(own email address): IT Security Alert: Your Password Expires In 24 Hours" and pretend to be sent from the University of Muenster. The emails claim that an update or migration of the Outlook mailbox is necessary. However, these are just false pretenses to lure recipients into visiting an external website controlled by the attackers, which steals entered login credentials.

Do not open any links in the mentioned emails, and do not reply to them. You no longer need to report this phishing email to CERT as appropriate countermeasures have been taken. Please delete it from your inbox.

If you have received such an email and have entered your credentials on a linked website, please immediately change your password and contact CERT (Computer Emergency Response Team) of the University of Münster immediately: cert@uni-muenster.de

What is 'phishing'?
Cyber attacks often begin with an email designed to 'fish' for an d collect sensitive information. Phishing emails often look very similar to legitimate emails. Here you can find information on the dangers, methods of distribution and criminal backgrounds of phishing. With our eight-point checklist 'How to detect scam emails', you can independently determine whether an email is a phishing attempt.

How to handle suspicious emails at the University of Münster
If you receive a suspicious email referring to the University of Münster (e.g. fake email addresses using uni-muenster.de or wwu.de, links to login pages that imitate the corporate design of the University of Münster, identity theft of University employees etc.), please inform CERT (Computer Emergency Response Team) of the University of Münster immediately. Forward the suspicious email as an attachment ("Forward as attachment" in Outlook or by using the key combination Ctrl + Alt + F) to spam@uni-muenster.de