A new wave of scams and phishing
There were waves of scam attempts in June and August, and now we are in the middle of a third wave. These scam messages typically involve salary or payment information, often urging you to act quickly by clicking on a link to avoid missing an important payment or new salary information. The sender often claims to be from UiO or another employer.
DO NOT click!
UiO CERT urges you NOT to click on links in emails without first checking the sender and the URL behind the link. If you click on a link in such a scam email, you will first be asked to confirm that you are not a robot, and then you will be redirected to a Microsoft login and UiO's two-factor authentication. However, that initial confirmation click gives scammers access to the information you enter during two-factor authentication, allowing them full access to everything you have access to. This is harmful both for you and for UiO.
There have been UiO employees who have fallen victim to such scams, resulting in a substantial cleanup effort afterward. This could result in thousands of emails being sent from your email account, or scammers obtaining your payment information or sensitive data about you or UiO. Identity theft can also be a consequence of such scams.
What Can You Do?
UiO CERT offers clear advice:
Verify the sender. Ensure that the sender is someone you would expect to receive such an email from. If the email pertains to salary or payment information related to UiO, the sender should be a name or username followed by @uio.no or @[unit].uio.no. If you are still unsure, you can look up the name/username using UiO's Find a person search or ask your closest supervisor for advice. If you only see a display name and not an actual email address as the sender, you can try clicking or tapping on the display name to reveal the email address behind it.
Check the URL for the link. If you are prompted to click on a link, hover your mouse pointer over the link without clicking. The URL the link would take you to should then be displayed. All UiO URLs end in uio.no. Do not click on links that are not what they claim to be. If an email asks you to log in to one of UiO's systems (or another system), do not click the link, but instead search for the service in your browser and log in there.
Change your password and report it. If you have been unlucky and clicked on a link you suspect might be fraudulent, change your password immediately and then report it to UiO CERT right away. Delay in reporting increases the consequences. It is better to report once too often than not at all. Contact UiO CERT at cert@uio.no.
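The sender and URL checks above, written out as an added example (not UiO CERT's own code). The function names, the accepted http/https schemes and the example.test and unit.uio.no sample values are assumptions constructed for illustration; the point is that the comparison is made against the parsed host, not against the text of the link or the display name.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

TRUSTED = "uio.no"  # from the advisory: UiO URLs and sender addresses end in uio.no


def host_is_uio(host):
    """True only for uio.no itself or a subdomain of it (match on a label boundary)."""
    host = (host or "").rstrip(".").lower()
    return host == TRUSTED or host.endswith("." + TRUSTED)


def link_is_uio(url):
    """Judge the host the browser would connect to, not the raw link text."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return False
    if parts.scheme not in ("http", "https"):  # assumption: only web links qualify
        return False
    # .hostname drops any "user@" prefix and the port, so "uio.no@other-host" fails.
    return host_is_uio(parts.hostname)


def sender_is_uio(from_header):
    """Ignore the display name; judge only the domain of the actual address."""
    _, addr = parseaddr(from_header)
    if addr.count("@") != 1:
        return False
    return host_is_uio(addr.rsplit("@", 1)[1])


# Constructed samples (not taken from real messages).
SAMPLE_LINKS = [
    "https://www.uio.no/english/",         # genuine host
    "https://uio.no.login.example.test/",  # uio.no is only a prefix of the host
    "https://uio.no@login.example.test/",  # uio.no is a user name, not the host
    "https://login.example.test/uio.no",   # uio.no is only in the path
    "https://notuio.no/",                  # ends in "uio.no" but is another domain
]
SAMPLE_SENDERS = [
    "Payroll <payroll@unit.uio.no>",
    '"payroll@uio.no" <notice@example.test>',  # UiO address only in display name
]

if __name__ == "__main__":
    for link in SAMPLE_LINKS:
        print(f"{'ok  ' if link_is_uio(link) else 'STOP'} {link}")
    for sender in SAMPLE_SENDERS:
        print(f"{'ok  ' if sender_is_uio(sender) else 'STOP'} {sender}")
```

Only the first link and the first sender pass. A pass means the host or address domain belongs to uio.no, not that the message is safe, so the remaining advice still applies.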
Learn about phishing and scams
The UiO Postmaster team has its own web page explaining phishing and scams, and how to report them. → See Postmaster's page about phishing.
Examples of phishing emails:
The examples below are actual emails received by UiO email users. They clearly have senders that are not from UiO, and the links lead to websites that are not associated with UiO. Note: These are just examples. Phishing messages you receive may look different. If you receive a phishing message, delete it.