Posts Tagged ‘phishing’

Do not blindly trust mail

Tuesday, November 3rd, 2009

The current wave of password phishing mails seems to provoke an unusually high attention rate.  People seem to think that mail allegedly coming from help@ethz.ch may be genuine.  The german text itself is so bad that its spammy character is obvious to long time mail users.

Remember: any part of a mail can be faked. This is in the design of the mail system and cannot be fixed without making mail usage a lot harder for everybody.  And even if we used a better system (like cryptographic signatures) the rest of the world would not follow.

Therefore, be sceptic about any mail until the complete impression including the writing style fits the picture.  No IT support worth their salt will ask you to reveal your password.  And if they do they deserve to be ignored!

Beware of phishing e-mails

Wednesday, June 17th, 2009

Of course ‘UPGRADE YOUR ETHZ E-Mail-Konto.‘ is a phishing attempt. And not a bad one at that. The German is halfway correct and they even used different From: and Reply-To: addresses. But still: no administrator worth her title would ever ask for a password. Please delete.

Be aware of phishing e-mails

Monday, February 23rd, 2009

Currently a great number of phishing e-mails are flooding the intarwebs, not all of which are being discarded by our spam filters.

Please remember that neither we nor ETH Informatikdienste would ever ask you to provide your account data, let alone via e-mail. Never ever send this information to anyone.

These e-mails are pretty well written, but sender addresses like <info@account.com> and <accountupgrade@j-mail.info> should make all your alarm bells go off.

Thanks for your cooperation.