Warning of a wave of phishing emails

Recently, we have registered several phishing emails where attackers are trying to extort passwords from users. These messages come in various forms, but mostly they try to force the user to click on a link (e.g. a notification about the need to verify the email account or a security alert about payroll). We therefore ask again for increased caution when reading the messages.

Do not click on links in such emails, and if you are unsure of the origin of the message, send it to csirt@muni.cz for verification, where they can block the attacker's address.

If you have already clicked on the link and entered your login details, change your password immediately via https://muni.islogin.cz/heslo_primarni/9T2arqbU0JZyRnKEWaZYrqnD

Common signs of a fake message include an unknown sender's address or strange form of the Czech language. However, when you click on the link, still pay attention to the URL address in the address bar, which will also tell you in most cases that it is a fake (logging into the MU network must always be done at id.muni.cz, if the address is different, it is usually a scam). We recommend reading more details on the issue of fraudulent e-mails in the materials provided by CSIRT-MU: https://security.muni.cz/socialni_inzenyrstvi, or we recommend studying the Cybercompass materials.

Below are some examples of the recent spear-phishing emails.

Thank you!