Phishing and mail spoofing

What is phishing and spoofing email?

Emails are referred to as phishing, e.g. try to steal passwords or spread a virus on a computer.

A phishing email can be, for example, a fake invoice or an attractive offer. It often requires immediate action to get you to fill out a fake form, click the link to a fake website, or open an infected attachment.

The goal of e-mail spoofing is to fake the sender of an e-mail in this way. E-mail spoofing sends e-mails with a fake sender address that can be confused with a known sender address, so that the recipient thinks that it comes from a trusted source. 

How to identify phishing

  • Is the sender known and their email address correct?
  • Does the subject make sense?
  • Is a personal salutation missing?
  • Are there frequent spelling or grammar mistakes?
  • Is the email particularly urgent? Does it require a fast response in order to profit from an especially lucrative offer?
  • Does it require you to enter your password on a specific webpage to prevent being locked out of an account?
  • Is an attachment expected from this sender?
  •  
  • If these three points do not give a coherent picture, you should forward the suspicious email to phishing@ethz.ch

Phishing & malware procedure

Forward the email as an attachment to the email address phishing@ethz.ch.

This email address informs various ETH offices as well as those responsible for MailCleaner at the same time.

Forward as attachment

There is a possibility to do this with Outlook > More Actions > Forward as Attachment (see also the section “PDF Other Clients”).

Outlook > More > Forward as attachment

Please do not forward spam or phishing mails as an email only. Please always as an attachment.

  •  

If you have already clicked

If you have been taken in by a phishing email and clicked on the link, please contact MTEC Service Desk immediately.