Beware of phishing! (deutsche Fassung: hier)

Dubious notifications, voice mails or mailboxes reaching their limit

Again and again, waves of phishing and spam are hitting the Ruhr-Universität. Different messages are urging recipients to enter login data, follow dubious links and downloads or make payments. The contents and requests are very different, but many seem quite credible and genuine. Typically, senders indicate a reference to Ruhr-Universität.

Current phishing example

Fake-MitarbeiterportalThe phishing email was sent in April 2024. The Outlook Web-App 2024 link is a fake, third-party website that does not lead to RUB.

The image was created with Outlook. The elements outlined in red indicate the forgery.

We show examples of current phishing e-mails with clear indicators for checking authenticity. Please note that the content, sender and appearance of the phishing mails change regularly:
Further typical examples

So what should be kept in mind?

Take the time to check the sender and the links contained for authenticity. Do not follow any links whose authenticity you cannot verify. If necessary, alert your superiors and your team. Ask your IT administration. Follow our instructions and attend the latest awareness training courses to stay informed.

What to do if ..

... you have followed a phishing link?

The websites linked to by phishing links often look like RUB-Webmail or other RUB services, but can also have a completely different appearance. If you are asked to enter your login data, check the web address (URL) of the page. Do only enter your credentials if you can confirm the authenticity of the website without any doubt.

... you have entered your credentials on a phishing site?

Change your password immediately. Set a new, secure password. RUB employees are obliged to inform their superiors and

Stolen credentials are often used for sending spam, unauthorized access to RUB systems or further identity theft. If misuse is discovered, the affected account will be blocked.

... your account is blocked in case of misuse?

In case of misuse of credentials or other associated incidents affected accounts are blocked on detecting the misuse. Sometimes captured login data are misused after a time delay.

Those affected should contact the IT.SERVICES service center. RUB employees have to clarify the privacy relevance with the Stabsstelle. Please send us an e-mail to and be sure to include your login ID. Affected IT systems must be free of malicious code. Your account will then be unblocked as soon as possible.

zur Startseite