Cyber criminals are currently sending scam messages to university staff and students in the name of the Finnish Police. The files contain a malicious PDF-attachment.
Do not open the attachment or reply to the message – delete the message immediately. If you have replied to the message, contact IT Helpdesk:
- Chat (weekdays 9–15, chatbot 24/7): helsinki.fi/helpdesk
- Call: 029 41 55555 (weekdays 9–15, local network charge / mobile call charge)
- E-mail: helpdesk@helsinki.fi
Scam messages are commonplace these days – every student and university staff member is responsible for safeguarding information security at the university! Read the information security guidelines of the University of Helsinki and instructions regarding phishing messages. Please also regularly visit the examples of email scams page.
Please note that you do not have to report phishing messages located in your spam e-mail folder to the university IT Helpdesk. These scam messages have been successfully filtered to your spam e-mail folder, and both the university IT security team and IT Helpdesk are aware of them.
Phishing messages
- The scammer is usually in a hurry – some action needs to be taken immediately (e.g. changing your password, urgent request for help).
- The links included in the phishing messages are often disguised as calendar invitations, Teams invitations, password expiry notifications etc. The messages direct you to a separate website or contain an attachment.
- Phished usernames are, among other things, often used for scam messaging. This may result in the university ending up on the spam lists of other organizations, and messages sent from university addresses will no longer be received by the message recipients.
- Do not click any links in phishing messages or open attached files!
To safeguard university user credentials and accounts, the IT Center’s e-mail administration removes scam e-mails that have passed through spam filters from the Outlook mailboxes of university staff and students centrally during each e-mail phishing campaign. The messages are removed using Microsoft Defender’s malicious e-mail removal function.
Do not be alarmed if you notice that a malicious e-mail message you have received has disappeared from your e-mail. Only scam messages are removed – our e-mail administration cannot see the contents of your e-mail and does not access any other data during the removal process.