ETH Homepage

Phishing and mail spoofing

What is phishing and spoofing email?

Emails are referred to as phishing, e.g. try to steal passwords or spread a virus on a computer.

A phishing email can be, for example, a fake invoice or an attractive offer. It often requires immediate action to get you to fill out a fake form, click the link to a fake website, or open an infected attachment.

The goal of e-mail spoofing is to fake the sender of an e-mail in this way. E-mail spoofing sends e-mails with a fake sender address that can be confused with a known sender address, so that the recipient thinks that it comes from a trusted source. 

How to identify phishing

  • Is the sender known and their email address correct?
  • Does the subject make sense?
  • Is a personal salutation missing?
  • Are there frequent spelling or grammar mistakes?
  • Is the email particularly urgent? Does it require a fast response in order to profit from an especially lucrative offer?
  • Does it require you to enter your password on a specific webpage to prevent being locked out of an account?
  • Is an attachment expected from this sender?
  • If these three points do not give a coherent picture, you should forward the suspicious email to

Phishing & malware procedure

Forward the email as an attachment to the email address

This email address informs various ETH offices as well as those responsible for MailCleaner at the same time.

Forward as attachment

There is a possibility to do this with Outlook > More Actions > Forward as Attachment (see also the section “PDF Other Clients”).

Outlook > More > Forward as attachment

Please do not forward spam or phishing mails as an email only. Please always as an attachment.


If you have already clicked

If you have been taken in by a phishing email and clicked on the link, please contact MTEC Service Desk immediately.

Further information

How to recognise phishing emails