Campus Management

News details

Overview

Warning against e-mails with a link to a file download

Dangerous malware is hidden behind the link.

The malicious emails are apparently aimed at secretarial staff, but other recipients are also conceivable. Corresponding real names of TU employees were probably spied out beforehand via the TU website. It seems that the fake emails are sent in the name of these employees. However, on closer inspection, the exact sender email address does not correspond to a real TU email address.

The emails have the following characteristics:

  • The emails contain a link that refers to a file.
  • The text of the email also contains a password to this file.

The file contains dangerous malware. Please do not follow these links, do not download any file and do not open the file under any circumstances.

The fake emails look like this, for example:

"Good morning

Here I am forwarding to you all the necessary records in relation to our upcoming meeting so that we have recently revealed. Please take a look at an important data through this link at:

drive.google.com/uc[.....]

File password: E9826

Dear Sir or Madam

We hereby request you to submit a quotation including price, shipping costs, payment conditions (e.g. cash discount, rebate) and delivery time for the following models:

3 x Original HP Laserjet CE 390 XC S7W for Printer HP Laserjet 600M603

Please be sure to include the delivery time in your quotation!

Please send your offer until 08.11.2021 to

We are an institution of the Technical University of Berlin.

[...]"