Warning about phishing: messages sent in the name of university staff detected

Recent detections include for example messages where the sender’s name is that of a familiar university colleague, but the sender address is an external email address. Be on alert if you receive an unusual request for help from a colleague.

Phishing messages and scam calls are commonplace these days – every student and university staff member is responsible for safeguarding information security at the university! Visit Flamma to read the information security guidelines of the University of Helsinki and instructions regarding phishing messages. Please also regularly visit the examples of email scams Flamma-page.

Phishing messages

• The scammer is usually in a hurry – some action needs to be taken immediately (e.g. changing your password, urgent request for help).
• The links included in the phishing messages are often disguised as calendar invitations, Teams invitations, password expiry notifications etc. The messages direct you to a separate website or contain an attachment.
• Phished usernames are, among other things, often used for scam messaging. This may result in the university ending up on the spam lists of other organizations, and messages sent from university addresses will no longer be received by the message recipients.
• Do not click any links in phishing messages or open attached files!