An increased number of phishing emails are currently being sent to many members of the University of Münster. 

The emails have the subject 'Eingehende fehlgeschlagene Nachrichten' and pretend to be sent by the 'IT-Helpdesk'. They claim that incoming emails could not be delivered and suggest that they can be retrieved from the 'Message Center'. However, the link leads to a fake website that convincingly replicates the University's login page. Please note that this is not a legitimate webpage of the University of Münster, and any login credentials entered will be transmitted to the attackers.

Do not open any links in the mentioned emails, and do not reply to them. You no longer need to report this phishing email to CERT as appropriate countermeasures have been taken. Please delete it from your inbox.

If you have received such an email and have entered your credentials on a linked website, please change your password and contact CERT (Computer Emergency Response Team) of the University of Münster immediately:
cert@uni-muenster.de

What is 'phishing'?
Cyber attacks often begin with an email designed to 'fish' for an d collect sensitive information. Phishing emails often look very similar to legitimate emails. Here you can find information on the dangers, methods of distribution and criminal backgrounds of phishing. With our eight-point checklist 'How to detect scam emails', you can independently determine whether an email is a phishing attempt.

How to handle suspicious emails at the University of Münster
If you receive a suspicious email referring to the University of Münster (e.g. fake email addresses using uni-muenster.de or wwu.de, links to login pages that imitate the corporate design of the University of Münster, identity theft of University employees etc.), please inform CERT (Computer Emergency Response Team) of the University of Münster immediately. Forward the suspicious email as an attachment ("Forward as attachment" in Outlook or by using the key combination Ctrl + Alt + F) to spam@uni-muenster.de