What Is Phishing?
Phishing is a form of fraud where you receive emails intended to steal personal data, your UiO account password, bank account/credit card information, or similar details.
The video below provides a quick introduction to phishing and other fraud methods. Subtitles are available in English.How Can I Identify Phishing and Other Fraudulent Emails?
The video below goes in-depth on how to recognise phishing and other fraudulent emails. Subtitles are available in English.I Have Received a Phishing Email
Please forward it to UiO-CERT (cert@uio.no) as soon as possible. This allows us to take necessary security measures and minimise potential consequences for others.
If the email is targeted or well-crafted, the likelihood of someone else being deceived increases. Therefore, it is especially important to report it.
I Clicked on a Fraudulent Link, but Nothing Else
Many people experience clicking on a link in an email, only to discover that it was a phishing link. Don't worry, this is fine. The most important thing you can do is to forward the email you received to UiO-CERT, so that we can take necessary security measures and minimise any potential consequences for others.
Please keep an eye out for the following:
- If your email address was pre-filled, or you can see your email address in the address field, the scammers have most likely noticed that you clicked. The worst-case scenario is that you may receive more spam and phishing attempts in the future, but beyond this, no harm has been done.
- Do not enable notifications from the website if asked.
- Do not click on, or download anything, from the webpage.
- Do not type or share any information on the webpage.
- If you typed in your username and password, but didn't click anything you may have still compromised your account.
I Clicked on a Fraudulent Link and Typed In My Username and Password (and 2FA)
Change your password immediately.
You may follow this guide on how to change your password.
If you also approved the login with two-factor authentication, you must check (after changing your password) if anyone has abused this to add their own phone as an approved two-factor device on your account. Delete any devices you do not recognise. Check your approved devices here.
Report it to CERT so that we can secure your account and investigate if there has been misuse. There are no consequences to you by reporting this. Also, send a copy of the phishing email you received, and mention whether you had to use two-factor authentication.
I Have Received an Email from Someone Claiming to Be a UiO Employee or Supervisor
This is a common type of fraudulent emails where the sender pretends to be a UiO supervisor in need of assistance or an immediate response. If you responded to the initial request and were asked to purchase gift cards or received a fake invoice, you can safely delete the emails and disregard the matter.
Please forward it to UiO-CERT (cert@uio.no) as soon as possible. This allows us to take necessary security measures and minimise potential consequences for others. Because the sender can always hide behind new email addresses, and the first message they send is often general or innocent, we unfortunately cannot block all of the phishing attempts.
I Receive Too Much Spam
UiO and Microsoft continuously works to reduce the amount of spam by filtering it out automatically for you, but as it is a tug of war, the problem will never completely disappear.
I Am Repeatedly Receiving Two-factor Authentication Requests, but Have Not Attempted To Sign In
This usually has one of two causes:
- Either you have an SSH or RDP client, or similar, that has crashed, which you can check through Microsoft My Sign-ins.
- If you do not use these tools, then someone has likely obtained your password and is trying to trick you into accepting a notification. The main reason we need to enter a number in the two-factor app is to make such attacks more difficult. Change your password immediately (You may follow this guide on how to change your password). Report it to CERT so that we can secure your account and investigate if it has been misused.
I Suspect That I Have Been Hacked or Infected with a Virus
If you experience suspicious behaviour from your PC or for any other reason suspect that you have been hacked, contact UiO-CERT.
Hacking is a term used for many different things. The most common are:
- Someone has taken control of a user account, for example, a UiO account.
- Prevention: As a regular IT user, the most important thing you can do is ensure that you only enter your username and password on websites you trust. Phishing via email is the most common (and successful) hacking method, as you can read more about above.
- One has acquired a virus or malware on their PC. Read about how to scan your PC for viruses here (only in Norwegian). You can also read more about fake virus alerts (only in Norwegian) such as You have (5) new viruses.