We explain below how to recognize the majority of phishing emails. Please report suspicious mails or mails you are not sure about. Send them as an attachment to postmasterspam prevention@uni-tuebingen.de
Subject lines such as "Warning/ Warnmeldung", "account upgrade/ Konto-Upgrade", "mailbox full/ Mailbox über Größenbeschränkung" are meant to make the message sound important.
Usually, the email contains a threat (in poor German or English) to close or delete the account. This is meant to make you respond immediately – without taking time to think.
Click on the images to enlarge.
You can easily see that this email was not really sent from "webmaster@uni-tuebingen.de" and that the reply goes to an external address.
The University IT center (ZDV) never asks for your password via email!
Expressions like "F-Secure" and "password secure/ Passwort ist verschlüsselt" are meant to give the appearance of security. This is a sham!
Even though a "uni-tuebingen.de" sender address was used, this email did not originate
webmaster@uni-tuebingen.de.
Sender’s addresses can easily be falsified.
As in the first example, the answers go to an external address.
This phishing email tries to lure unsuspecting users with a link to a form in which you are supposed to enter your access data. In the webmailer you can easily see the quota status (circled in green).
This is an example of a form linked via a phishing email.
The source locator (URL) indicates that this is not a University of Tübingen web page.
This is an example of a form created by the phisher using Google Docs. The data is transferred securely (https) – but not to the University of Tübingen.
Browsers mark encrypted links in various ways (e.g. on a colored background, with a “locked” symbol), but this only means the data is encrypted when it is sent. You must check the addressee if you transmit sensitive data!