Many dangers lurk in the internet...
Swindlers try to get hold of your access data (e.g., your username/LoginID and password) using phishing emails. Once they can get into your account, they can use it for further fraudulent activities.
If you divulge your access data, the “phisher” has full access to your account – all your emails and all other data in the University network.
The account which has been broken into is then misused to send spam, phishing emails or virus-carrying emails in the name of the legitimate user. That damages the reputation of our SMTP server – which can lead to other email providers refusing to accept emails from the University of Tübingen. That harms all users of the University network.
We explain below how to recognize the majority of phishing emails. Please report suspicious mails or mails you are not sure about. Send them as an attachment to postmasterspam prevention@uni-tuebingen.de
Emails can be forwarded as an attachment in the following ways:
Outlook (Windows): The selected email can be forwarded as an attachment using the keyboard shortcut CTRL + ALT + F.
Outlook (Mac): Right-click on the email and select “Forward as Attachment”.
Thunderbird: Right-click on the email and select “Forward and Redirect” / “As Attachment”.
Webmailer: Right-click on the email and select “Forward” / “As Attachment”.
Subject lines such as "Warning/ Warnmeldung", "account upgrade/ Konto-Upgrade", "mailbox full/ Mailbox über Größenbeschränkung" are meant to make the message sound important.
Usually, the email contains a threat (in poor German or English) to close or delete the account. This is meant to make you respond immediately – without taking time to think.
Click on the images to enlarge.
You can easily see that this email was not really sent from "webmaster@uni-tuebingen.de" and that the reply goes to an external address.
How do I identify the actual sender address of an email?
Outlook (Windows): Hover the mouse over the sender’s name – the full email address will be displayed.
Outlook (Mac): Click on the sender’s name to view the full email address.
Thunderbird: In the opened email or the preview pane, hover the mouse over the sender’s name to see the address.
Webmailer: Hover the mouse over the sender’s name – the full email address will be displayed.
The University IT center (ZDV) never asks for your password via email!
Expressions like "F-Secure" and "password secure/ Passwort ist verschlüsselt" are meant to give the appearance of security. This is a sham!
Even though a "uni-tuebingen.de" sender address was used, this email did not originate
webmaster@uni-tuebingen.de.
Sender’s addresses can easily be falsified.
As in the first example, the answers go to an external address.
This phishing email tries to lure unsuspecting users with a link to a form in which you are supposed to enter your access data. In the webmailer you can easily see the quota status (circled in green).
This is an example of a form linked via a phishing email.
The source locator (URL) indicates that this is not a University of Tübingen web page.
This is an example of a form created by the phisher using Google Docs. The data is transferred securely (https) – but not to the University of Tübingen.
Browsers mark encrypted links in various ways (e.g. on a colored background, with a “locked” symbol), but this only means the data is encrypted when it is sent. You must check the addressee if you transmit sensitive data!
Our website uses cookies. Some of them are mandatory, while others allow us to improve your user experience on our website. The settings you have made can be edited at any time.
or
Essential
in2cookiemodal-selection
Required to save the user selection of the cookie settings.
3 months
be_lastLoginProvider
Required for the TYPO3 backend login to determine the time of the last login.
3 months
be_typo_user
This cookie tells the website whether a visitor is logged into the TYPO3 backend and has the rights to manage it.
Browser session
ROUTEID
These cookies are set to always direct the user to the same server.
Browser session
fe_typo_user
Enables frontend login.
Browser session
Videos
iframeswitch
Used to show all third-party contents.
3 months
yt-player-bandaid-host
Is used to display YouTube videos.
Persistent
yt-player-bandwidth
Is used to determine the optimal video quality based on the visitor's device and network settings.
Persistent
yt-remote-connected-devices
Saves the settings of the user's video player using embedded YouTube video.
Persistent
yt-remote-device-id
Saves the settings of the user's video player using embedded YouTube video.
Persistent
yt-player-headers-readable
Collects data about visitors' interaction with the site's video content - This data is used to make the site's video content more relevant to the visitor.
Persistent
yt-player-volume
Is used to save volume preferences for YouTube videos.
Persistent
yt-player-quality
Is used to save the quality settings for YouTube videos.
Persistent
yt-remote-session-name
Saves the settings of the user's video player using embedded YouTube video.
Browser session
yt-remote-session-app
Saves the settings of the user's video player using embedded YouTube video.
Browser session
yt-remote-fast-check-period
Saves the settings of the user's video player using embedded YouTube video.
Browser session
yt-remote-cast-installed
Saves the user settings when retrieving a YouTube video integrated on other web pages
Browser session
yt-remote-cast-available
Saves user settings when retrieving integrated YouTube videos.
Browser session
ANID
Used for targeting purposes to profile the interests of website visitors in order to display relevant and personalized Google advertising.
2 years
SNID
Google Maps - Google uses these cookies to store user preferences and information when you view pages with Google Maps.
1 month
SSID
Used to store information about how you use the site and what advertisements you saw before visiting this site, and to customize advertising on Google resources by remembering your recent searches, your previous interactions with an advertiser's ads or search results, and your visits to an advertiser's site.
6 months
1P_JAR
This cookie is used to support Google's advertising services.
1 month
SAPISID
Used for targeting purposes to profile the interests of website visitors in order to display relevant and personalized Google advertising.
2 years
APISID
Used for targeting purposes to profile the interests of website visitors in order to display relevant and personalized Google advertising.
6 months
HSID
Includes encrypted entries of your Google account and last login time to protect against attacks and data theft from form entries.
2 years
SID
Used for security purposes to store digitally signed and encrypted records of a user's Google Account ID and last login time, enabling Google to authenticate users, prevent fraudulent use of login credentials, and protect user data from unauthorized parties. This may also be used for targeting purposes to display relevant and personalized advertising content.
6 months
SIDCC
This cookie stores information about user settings and information for Google Maps.
3 months
NID
The NID cookie contains a unique ID that Google uses to store your preferences and other information.
6 months
CONSENT
This cookie tracks how you use a website to show you advertisements that may be of interest to you.
18 years
__Secure-3PAPISID
This cookie is used to support Google's advertising services.
2 years
__Secure-3PSID
This cookie is used to support Google's advertising services.
6 months
__Secure-3PSIDCC
This cookie is used to support Google's advertising services.
6 months