New phishing mails with the subject "available"
An unexpected query from the professor
Please be attentive and careful when you receive an email from your professor. It could be a fake. Fraudsters have apparently searched the website for the names, titles and addresses of university employees and are now sending e-mails that appear to have come from their respective superiors. The harmless-looking messages first ask for a quick favor, for example:
If you have a minute, could you please drop an email.
The "from" field uses the correct name and the information from the signature is taken from the website, while the return address is using external mail providers, such as gmail.com. Both English and German are known to be used.
If you do not recognize the forgery immediately and you reply, you will be asked to buy a gift card under a pretext and then submit the code to the scammer:
Thanks for the response, I need to send Google play gift cards to some prospects but I can’t do that right now because I’m currently busy in the Hospital checking on a friend, he's critically ill. Let me know if its possible to get them right now, so I can tell you the amount needed on each cards. I’ll reimburse you.
In this case an urgent hospital visit is used against the backdrop of the ongoing corona crisis, while other mails refer to a longer meeting. Once the codes for gift cards (such as Google Play, Amazon or iTunes) are redeemed, the transaction cannot be undone and the money is irreversibly lost. Criminal complaints almost never lead to the perpetrator being discovered.
What should I be looking out for?
Be vigilant while checking your emails. You should be especially distrustful when you notice one of the following signs:
- The sender does not use the usual address or
- the address does not match the sender,
- grammar or spelling are unusually bad,
- you are being pressured (the matter is presented as exceptionally pressing or important),
- contains an attachment or a link.
If you are at all unsure about a message, do inquire – better safe than sorry!
- Call the supposed sender of the message or
- send them a message to a known email address.
- You can also get in touch with the IT service desk (see below).
I need to report an incident
Did you already reply to one of these mails, have opened a link or attachment contained in one or did you reveal information? Do you have questions regarding emails or IT security? Don't hesitate to contact the IT service desk via email at servicedesktu-freiberg [dot] de or call 1818.
For more information on the current threat situation, we have provided some sources for you to read (mostly in German):
- New wave of phishing mails: Gift cards for the supervisor
Source: tu-freiberg.de/urz, 16.04.2020
- Digital Signature: How to verify the authenticity of your e-mails
Source: tu-freiberg.de/urz, 21-02-2020
- Spam, Phishing & Co.