Phishing
There's a large wave of phishing mails going around this morning claiming to be from ZEDAT support. Neither ZEDAT nor we will ever write you mails asking you for passwords or any other credentials, since in the case of abuse we lock accounts and void credentials, making such questions unnecessary. Any communication from ZEDAT will always point to domains below fu-berlin.de. If you receive suspicious emails, please let us know about it at zedv@physik.fu-berlin.de.
News from Dec 12, 2022
How you can recognise phishing mails:
- Look for inconsistencies. Often the sender address is seemingly random and has nothing to do with FU Berlin at all, but even when the sender address is genuine, remember that emails are postcards and can be easily forged. Just about anybody can write in any sender address.
- Look for inconsistencies. Too generic subject lines, spelling or grammatical errors.
- Look for inconsistencies. Is what is being asked for consistent with the other side's expected behaviour? e.g. Would ZEDAT ask for credentials? They would not. Would ZEDAT link to pages outside of fu-berlin.de? They would not.
Beyond looking for inconsistencies always remember that scammers primary goal is to put you under pressure to make you feel, that you have to react quickly to avert some problem, because people do not act rationally under pressure. Always think twice and take your time to react. When in doubt, ask the sender (the real one) via other means. Use the usual methods of logging into your accounts and don't click links in mails or open attachments.
You can also look in the news section of https://www.physik.fu-berlin.de/en/it whether we are aware of the problem. Once we are, not everybody has to warn us. :)