If you have to answer one or more questions with “yes”, this may be a phishing attack. But some phishing e-mails seem so real, that it only makes sense to be aware. Therefore, we advise you to be generally careful when dealing with your e-mails.
|O||Is the greeting impersonal, missing, or in a different format than the rest of the text? The same applies to the tone of the e-mail or conversation.|
Are the contact details or the signature incorrect?
Is someone calling you from an anonymous number or from an unknown country?
|O||Are you instructed to open attachments?|
|O||Are you instructed to open links?|
|O||Are you instructed to send gift cards or carry out a bank transfer?|
|O||Are you asked to disclose confidential information (e.g. for login data, internal contact details or requested to make a payment)|
|O||Are you asked to act quickly? Are you threatened with negative consequences?|
|O||Does the e-mail contain many typos or wrong letters (especially Umlaute)?|
Unfortunately, a trustworthy sender does not guarantee a trustworthy e-mail. If you are unsure, use another way of communication to ask the sender directly. You can contact employees of the university via phone or other communication tools.
If you are unsure:
Please check your computer for viruses at regular intervals.
1) Hover the mouse over the link. After a short while, you will see the target link (see picture).
As an alternative, you can also turn off HTML so that you see your e-mails in text form first. Follow the Microsoft instructions: https://support.office.com/de-de/article/lesen-von-e-mail-nachrichten-im-nur-text-format-16dfe54a-fadc-4261-b2ce-19ad072ed7e3
2) Check the domain part which is the name of a website, e.g. www.bwl.uni-mannheim.de/programs.
Be aware of forged domain parts! Here are some examples:
Ask yourself: “How plausible is the issue of the sender?”
System 1 is responsible for System 2 which may lead to several problems, when a phishing mail is in your inbox, because we are used to
In addition, the design is familiar. Everybody knows the annoying error message. We are intuitively clicking the box, before we read and understood the message.