16.03.2023: Aktuelle Phishing-E-Mails

At the moment there is an accumulation of phishing e-mails with the subject "Mail delivery failure: Allow suspended mails", among others. It is very important to be able to determine for yourself whether it is a phishing email.

Current phising e-mails ask you to click on a link or a button, which can then be used to get malicious documents onto your own computer, which then lead to an infection with a virus or Trojan. Caution is advised here!

In concrete terms, such a phishing e-mail can look like the following (in this example, it is about the memory usage in the e-mail account and that this should be more or less full and that you should click on a button "Solve Now" to solve the problem)

Behind the "Solve Now" button there is a link to a malicious URL. What is striking about the current phishing e-mails is that the text "ipfs" is often part of the URL.

What can be done? Despite the many e-mails we receive every day, it is worth being attentive and assessing whether a conspicuous e-mail could be a phishing e-mail.

How to recognise that an email is a phishing email is shown in three entertaining videos by the SECUSO research group at KIT, see [1]. In our podcast episode "I am not a target - About email, phishing, certificates" you can learn more about phishing and security measures in email traffic in an entertaining way.

For the technically interested, details on phishing emails with ipfs context can be found in [3].

[1] https://secuso.aifb.kit.edu/1047.php

[2] https://www.videoportal.uni-freiburg.de/channel/video/Jetzt-macht26230393Bs-Klick-2D-Sicher-durch-die-digitale-Uni2DWelt2E-Folge-13A-Ich-bin-kein-Ziel-2D-Ueber-E2DMail2C-Phishing2C-Zertifikate/5fc6450b7f366bca644ce6b0228074d6/9

[3] https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/ipfs-the-new-hotbed-of-phishing/

Status: 2023-03-16, 21:08, MH