Email behaviour and phishing
Here you can find information about how to spot a phishing email.
If you are in doubt whether or not an email is phishing, you can always contact your local IT support or the Information Security Department.
Typical features of phishing emails
- Requests that you act now – E.g. before your account is closed, before the money is withdrawn.
(1 - see example below) - Requests to disclose confidential information via a link in the mail or by answering the mail, for example passwords or account information.
(2 - see example below) - Requests to open attached files.
- Links which appear to be official or familiar at first glance, but which reveal a different destination when you move your mouse over them.
(3 - see example below) - A sender address which is revealed not to be official on closer inspection. For example Aarhus University <aarhusuniversity12@gmail.com>
(4 - see example below)
What is phishing?
Phishing is an attempt to use email to cheat you into providing sensitive information or installing malware. Phishing mails do this by attempting to fool you into thinking that their senders are trustworthy entities. Never open attached files or click links in mails which you suspect might be attempts at phishing.
If you fall for a phishing email
What to do if you have disclosed sensitive personal data
If you have inadvertently clicked on a link in a phishing email and disclosed sensitive personal data, such as e.g. your AU username and password, you should change your password immediately. When you have done this, you should contact your local IT support team so they can help you contain the damage and resolve the problem as quickly as possible.
We also encourage you to share your experience with your colleagues, family and friends. In this way, you can help and warn others.
What to do if you have opened an attached file
If you have inadvertently opened an attached file in a phishing email, you should contact your local IT support team as soon as possible so they can help you contain the damage and resolve the problem.
We also encourage you to share your experience with your colleagues, family and friends. In this way, you can help and warn others.
What to do if you fall for a phishing email as a private individual
If you have inadvertently clicked on a link in a phishing email and disclosed sensitive personal data, such as e.g. your username and password to e-Boks or your credit card information, you should change your password or block your credit card immediately.
It is also a good idea to change your passwords to other services, if your were tricked by phishing.
We also encourage you to share your experience with your colleagues, family and friends. In this way, you can help and warn others.
Trygfonden and the Danish Consumer Council have released an app called ‘Mit Digitale Selvforsvar’ (‘My Digital Self-defence’). The app makes it possible to send tips and receive warnings of phishing emails.
