Aarhus University Seal

Increase in phishing mails

Aarhus University is seeing an uptick in phishing mails from cybercriminals pretending to be AU managers or colleagues. Please be extra vigilant about these kinds of emails.

Right now, there is a phishing email circulating at AU. The sender pretends to be a colleague or a manager. The purpose of the email is to lure you into buying a gift certificate from iTunes or make a large money transfer to a foreign account.

How do you recognise this type of phishing email?

  • This type of phishing email comes from an email address that doesn’t belong to AU, for example gmail.com.
  • These mails are in Danish – but not perfect Danish.
  • The mail will often state that your ‘co-worker’ or ‘manager’ is in a meeting or taking a call, and that you can only reply by mail.
  • If you answer the email, you will be asked to buy a gift certificate for iTunes and send the codes to the gift certificate or transfer money.

 

See an example:

You should always check the email address of the sender when you receive an email. If it’s not an AU email, be particularly cautious about answering, clicking links and open attached files. If you receive a mail from a co-worker or manager that’s not from an AU email address, you can call them up or send a mail to their AU address to make sure the mail is genuine.

Find out how to recognise phishing mails 

What if you fall for a phishing mail?

Don’t be ashamed if you take the bait. The best thing to do is to be open and react quickly. If you fall for a phishing mail, you should:

  1. Call your local IT support team as soon as possible and tell them what’s happened.
  2. Tell your co-workers about it so they don’t make the same mistake.

Any questions?

 

Contact your local IT support team or write to informationssikkerhed@au.dk if you have any questions about phishing.