Dear University Members,
You may have heard from the media that criminal hackers are using increasingly sophisticated methods to penetrate other people's IT networks and encrypt data there in order to extort a ransom for the decryption. In some cases, the IT infrastructure of the attacked companies is damaged to such an extent that regaining full control requires long offline times and enormous financial outlays. Various German universities have now also fallen victim to such attacks. Of course, we would like to avoid something like this for UW/H at all costs, and are constantly working on optimizing our protective measures.
Therefore, in order to warn you about potentially dangerous e-mails, our servers will mark all incoming e-mails from external senders that contain an attachment or web link with the following text highlighted in pink, starting on June 21, 2023:
"ATTENTION: EXTERNAL email! Do not click on links or open attachments unless you are sure the sender is trustworthy."
This text will appear in the affected mails at the very beginning, i.e. still above the salutation.
Internal mails or external mails without web links or attachments will not be marked.
If you have received a mail marked in this way and are actually unsure whether it is trustworthy: In such a case, it is very likely that it actually is not - this is shown by our experience with your inquiries about such cases. However, the following short videos offer a good decision-making aid in case of doubt:
Check sender & recognize dangerous attachments
Look carefully despite stress, time pressure or euphoria!
Information on this topic can also be found on our intranet pages.
You may find this marking, which will now appear in quite a few incoming mails, annoying. Therefore, here are a few explanatory words about our motivation for this measure:
Phishing mails have proven to be a gateway for successful attacks, i.e. e-mails that pretend to come from the BIT or other senders of the UW/H and are intended to trick you into entering your access data on a website prepared for this purpose. Other e-mails from supposedly trustworthy senders contain attachments with supposedly important information, but behind which executable programs are hidden that can then become active on your PC to give the attackers access to our network. We are therefore now following the example of other companies and organizations by marking potentially dangerous mails accordingly to warn you. We ask for your understanding and vigilance regarding possible attacks on the IT infrastructure of our university as described above.
Thank you very much!
Yours sincerely
Your BIT Team