Unwanted e-mails are called spam. There are many different types of spam which can be found in e-mail inboxes on a daily basis. Here you find information about the different types of unwanted, malicious e-mails, how you can identify them and how you can protect yourself against such e-mails.
The following explanations help to identify spam and phishing e-mails in the best possible way. In addition, the information on how to check links is also helpful for daily use of the Internet use since they help to avoid fraudulent websites.
If you have to answer one or more questions with “yes”, this may be a phishing attack. However, phishing attacks are becoming more and more professional so that it can be a phishing e-mail even if none of the above mentioned requirements is fulfilled. If you are sure that you have received a spam/
*Senders can be forged easily. Phishing e-mails can also be sent through hacked accounts. A trustworthy sender does therefore not guarantee a trustworthy e-mail! Please be wary and when in doubt, please ask the sender (University IT, colleagues, bank, shop) through another communication channel.
This is the most simple way to check a link. This applies to e-mails as well as to links in the browser. However, with this method you need to stop each time before clicking on a link and check the target of the link. Hover your mouse over a link and wait a moment. After a short amount of time, a small window indicating the target of the link appears over the mouse cursor or the target is shown at the left bottom of the window.
If HTML is enabled in e-mails this ALWAYS has to be checked, since other targets may be hidden behind links which are actually unambiguous. The following example shows a link to the university’s website which actually leads to Google as soon as you click on this link.
If you keep forgetting to check links before clicking them and want to play it safe, you can disable HTML e-mails in your e-mail program. The advantage is that the actual target of a link is shown directly in the text.
If HTML is enabled in e-mails it is not possible to immediately identify the target of a link in an e-mail.
The following example show three types of links which may be found in an e-mail:
Comparing this to the e-mail text where HTM is disabled shows:
In order to get this view and to identify the targets of links more easily, please refer to the following instructions by Microsoft: https://support.microsoft.com/en-us/office/read-email-messages-in-plain-text-16dfe54a-fadc-4261-b2ce-19ad072ed7e3?ui=en-us&rs=en-us&ad=us
The domain is the name of a website. If you have found the domain part of link you can verify it.
To identify the domain part you go to the right end of the link until you find the first single slash “/”. Then you go to the left until you find the second dot “.”. The part between these two symbols is the domain part.
Below you will find a few examples where the domain part is marked in bold
As soon as you have found the domain part you can verify the link. Simply compare the domain part with the domain part of the website you know to which the link allegedly directs.
Here are some examples of fraudulent websites:
Please note that these are simply examples and that other forging methods or combinations of the tricks mentioned are possible.
Never click on a link, if you have identified one of the fraudulent tricks mentioned above. Please open the website directly – by entering the address in the browser if you know it by heart – or use a search machine.