E-mails that try to look like legitimate messages ("phishing") are nothing unusual. This morning, many university members received a message containing a link to a particularly deceptive-looking login page.
If you have clicked on the link provided and entered your password on the fake login page, please change your password immediately at password.tu-freiberg.de
The two-second test for links
In order to be able to decide for sure whether a link actually leads to a university website, move the mouse over the link without clicking on it. After about a second, the link destination appears as a mouseover directly next to the mouse pointer or, as shown here, at the bottom of the window. This works for emails as well as for links to websites.
For links to university pages, the domain name always ends with tu-freiberg.de or someunit.tu-freiberg.de. The domain name the part right before the first '/' in a link.
The sender has almost complete control over the content of an email. As can be seen here, the university logo, the sender's name or information in the signature are not reliable indicators for checking the trustworthiness of an email.
Password request? Check the address bar
![Screenshot einer Loginseite, die auf den ersten Blick aussieht, wie der Loginmaske der Universität. Ein roter Pfeil zeigt auf die Adresszeile, wo ein ungewöhnlicher Domainname ("vedic[...].co") hervorgehoben ist](/sites/default/files/styles/large_xl/public/2024-01/2024-01-15%20Fake%20Login%20mit%20Highlights.png?itok=t4JurFwA)
The website behind the link in the fake email is practically indistinguishable from our Shibboleth login at idp.hrz.tu-freiberg.de.
Always remember: The authors of a website control its content and appearance. This is why "security seals" on a website are largely useless. Just pay attention to the information in the address bar of your browser.
Make it a habit to take a look at the address bar of the browser before entering the university password: The domain name is highlighted in colour - it must end in tu-freiberg.de or someunit.tu-freiberg.de!
Further information
In an earlier message, we explained five common features of spam using an example (internal-only link). Whenever you have any doubts, please verify links as described above - it only takes a few seconds!
If you notice a conspicuous email or need help assessing it, please contact informationssicherheit [at] tu-freiberg [dot] de (informationssicherheit[at]tu-freiberg[dot]de) or call the IT Service Desk on -1818.