Criminals do not take vacations. Criminals are sending scam messages to university staff and students for example in the name of the University IT Helpdesk. Remember to stay alert even when you're on vacation!
The messages request you to click a link to confirm your email account. Do not click the link.
IT Helpdesk never sends messages that require you to click a link to confirm your user account or password. These messages are always phishing scams.
How to identify phishing messages:
- The sender aims to disguise themselves as a familiar and reliable party, such as the IT-Helpdesk or university e-mail administration.
- The message often includes an urgent request, for example, to change your password, check your personal data or help the sender in one way or another.
- You are asked to click a link or to open an attachment without delay, often with a warning that you are at risk of losing your information or your password expiring if you do not do as asked.
- The message usually contains logos and graphic elements that are familiar from Microsoft or university services with the purpose of convincing the user of the message’s authenticity.
If you receive a phishing message to your Inbox, report it in Outlook (Junk > Report as Phishing). Phishing reports submitted via Outlook also reach the University’s email admins and help prevent IT threats.
Messages that end up directly in your junk folder have already been successfully recognized as phishing, and you need not be worried about them or report them.
Flamma’s information security site includes examples of phishing messages received by university staff and students. Also keep an eye on Flamma releases where university staff and students are warned when there are extensive phishing campaigns going on.