As is widely known from the press, cyber threats - dangers on the internet and in email traffic - do not stop at universities. Unfortunately, our university is also regularly exposed to various forms of attack, which is why it is particularly important that staff and students are aware of the dangers and are able to react correctly in an emergency.

Phishing is one of the most widespread types of risk that employees and students often come into contact with in their everyday lives. The term "phishing" is made up of the words "password" and "fishing", i.e. "fishing for passwords". An attacker attempts to access the personal data of an internet user via fake websites, emails or messages and misuse this data for their own purposes, usually at the expense of the victim.

A special variant of phishing, which has also already occurred at our university and has unfortunately often led to the loss of 1000 euros or more, is the so-called CEO fraud or CEO scam. Here, you as an employee are supposedly contacted by your superior (or as a student supposedly by your professor or lecturer) and after a few unsuspicious emails ("Hello, are you available?") you are asked to buy vouchers and gift cards. This scam is particularly successful and credible if the order is placed in the run-up to Christmas - the gift cards are then supposedly distributed as presents in your department.

In order to minimize the risk of falling victim to a phishing attack, awareness and basic knowledge of this danger is just as important as a healthy distrust of emails that appear conspicuous and strange. However, the security of email accounts or other sites that require registration also requires a certain level of risk awareness, especially when dealing with passwords.

With the following information and tips, we would like to provide you with a quick and easy-to-understand guide that will enable you to familiarise yourself with the most important dangers and the most important precautionary measures in a short space of time.

As a general rule, listen to your gut feeling and tend towards a healthy distrust when in doubt. If you are ever unsure or otherwise need help and support with cyber security, don't hesitate to contact us!