In recent weeks, employees have received a large number of phishing e-mails. Since some of these phishing emails were also sent from internal accounts, it was not easy to distinguish them from legitimate emails. We talked to Prof. Florian Adamsky about how Hof University of Applied Sciences deals with this and what tips he has for recognizing phishing emails.
Prof. Adamsky, in day-to-day university operations, you don’t get much notice of “fake” emails. What is going on in your background right now? How are you actively combating the phishing emails?
“The good news is that so far it has not been necessary to shut anything down. The attackers have so far “only” sent phishing emails and not gained access to the network.
Most of our work happens preventively. We offer information security training every semester, which is now mandatory for new colleagues as well. These are recorded and can then be viewed on the university’s internal network at any time; they are offered in German and English. We display posters at the university to inform students and employees.
We are also developing new security concepts for the university, such as the introduction of multi-factor authentication. This further enhances security and makes phishing attacks more difficult, because another factor is required in addition to the user name and password. We also actively scan the university’s network and look for security vulnerabilities and then try to work with stakeholders to eliminate the vulnerabilities. If there’s a current incident, like the phishing wave now, then we advise the university management and IT and work together on solutions.”
How do you spot a phishing email in a hurry?
“An effective way to spot phishing, even if it’s coming from compromised accounts, is to hover your mouse over the links – that is, slowly slide your mouse over the links – and check to see if the URL is legitimate. Is the URL from hof-university.de?”
How is the interaction with the university’s IT?
“Very good. The IT department is well aware of the importance of IT security. There are sometimes scenarios where the systems can’t be secured so easily, so we work together on alternatives to still achieve a high level of protection.”
What other tips do you have for us?
“We always like to recommend the “3-second security check, which can be used to improve the detection of phishing emails.
- Is the sender email address known?
- Does the sender address differ from the display name?
- Does the subject make sense?
- Is an attachment or link expected from this email address at this time?
- Does the content relate to the email history?”
Thank you, Professor Adamsky!
Here is the link to the internal training – you can find it in the course “Information Security” under the category “Phishing E-Mails” or under the following link:
