Caution! Password Fishing!

Current phishing emails at BOKU!

What is phishing?

Phishing (= password fishing) is an attempt to obtain your BOKU login credentials (login name and password) via fake e-mails and websites.
Therefore, always check the actual sender e-mail address (and not the displayed name).
Before clicking on a link, always check the address (URL) that your web browser displays in the lower left corner, and never enter your login credentials anywhere other than on known BOKU servers!
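
A mail filter or helpdesk script can apply the same two checks (real sender address, real link target) automatically. The following Python code is an added example, not BOKU-IT's own tooling; it assumes that "known BOKU servers" means hosts under boku.ac.at, and the sample message is constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "boku.ac.at"  # assumption: the domain named on this page
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def is_trusted_host(host):
    """True only for boku.ac.at itself or a genuine subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)

def check_message(raw):
    """Return a list of warnings for one message given as RFC 5322 text."""
    msg = message_from_string(raw)
    warnings = []
    # Compare the real address, not the display name shown by the mail client.
    name, addr = parseaddr(msg.get("From", ""))
    if not is_trusted_host(addr.rpartition("@")[2]):
        warnings.append(f"sender '{name}' uses external address {addr}")
    # A From address inside boku.ac.at can still be forged, so links are
    # always checked as well.
    body = "".join(
        part.get_payload(decode=True).decode("utf-8", errors="replace")
        for part in msg.walk() if not part.is_multipart()
    )
    for url in URL_RE.findall(body):
        # urlsplit().hostname ignores any "user@" prefix and the port.
        host = urlsplit(url).hostname
        if not is_trusted_host(host):
            warnings.append(f"link points to {host}: {url}")
    return warnings

# Constructed sample message (example.net / example.org are reserved names).
SAMPLE = """\
From: "BOKU-IT-Services" <helpdesk.notice@example.net>
To: user@boku.ac.at
Subject: Update Required

Confirm your mailbox: https://boku.ac.at.login.example.net/confirm
Change your password: https://short.boku.ac.at/it-passwort-aendern
Webmail: https://boku.ac.at@example.org/webaccess
"""

if __name__ == "__main__":
    for warning in check_message(SAMPLE):
        print("WARNING:", warning)
```

The two flagged links show why the full host name matters: "boku.ac.at" appearing at the start of a host name or before an "@" does not make the target a BOKU server.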

If you subsequently realize that you have entered your password on an external server, please change your password immediately and contact your IT Managers, ITSG contact person and/or the BOKU-IT hotline.

Phishing emails with the following subject lines are currently circulating:

  • ADMIN
    Mail text: “Aufgrund einer kürzlich im BOKU verbreiteten Phishing-E-Mail …”
    (English: “Due to a phishing e-mail recently circulated at BOKU …”)
     
  • "Incoming Mails Queued For Delivery"
     
  • "Important notice"
    Mail text: "The password for ... will expire this today. Kindly use the below button to continue using the same password."
     
  • "A moment?"; "Are you around?"; "Are you available?"; "Request"; "Work"
    (Allegedly sent by BOKU members, but actually from external email addresses, e.g. Gmail.)
    "If you have a minute, could you please drop an email.";
    "Help Needed,email me back asap"; 
    "Hello are you available? Please, l need your assistance urgently"
    This does NOT mean that the accounts of BOKU members have been hacked; the mails are sent from external Gmail accounts. Always pay special attention to the actual sender address!
    Therefore, no action is needed and there is no risk of financial loss, as long as you do not respond to subsequent requests to buy voucher cards.
     
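  • "boku.ac.at Server - Passwort abgelaufen" (English: "boku.ac.at server - password expired")
    Mail text: "Das Passwort zu Ihrem mailbox ... abgelaufen" (English: "The password for your mailbox ... expired")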
     
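  • Mail text: "Sie müssen dringend eine Aufgabe für mich erledigen
    Bitte, ich bin gerade in einer Besprechung und kann nicht sprechen, also antworten Sie einfach zurück"
    (English: "You urgently need to complete a task for me. Please, I am in a meeting right now and cannot talk, so just reply back")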
     
  • "Update Required"
    Mail text: "We have just finished general email security update for our domain boku.ac.at.
    The user of ...@boku.ac.at is required to confirm your email is valid and still in use."
    This mail is phishing!
    If you have entered your BOKU access data in the form,
    please change your password immediately: https://short.boku.ac.at/it-passwort-aendern
    and report the incident to the BOKU-IT Hotline!
     
  • "Fehlgeschlagene Nachrichten" (English: "Failed messages")
    If you have entered your BOKU access data in the form,
    please change your password immediately: https://short.boku.ac.at/it-passwort-aendern
    and report the incident to the BOKU-IT Hotline!
     
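  • "BOKU Finanzabteilung" (English: "BOKU finance department"), or another internal sender
    "Scheck zurückgegeben" (English: "Cheque returned") or "Lohnzettel" (English: "Payslip") or "Zahlung zurückgegeben" (English: "Payment returned") or
    "Ihre Bank hat eine Überweisung Ihrer Gehaltszulagen für die Monate Juni, Juli und August abgelehnt." (English: "Your bank has rejected a transfer of your salary supplements for the months of June, July and August.") or "Das beiliegende Gehaltsdokument bedarf dringend Ihrer Aufmerksamkeit" (English: "The enclosed salary document urgently requires your attention")
    Clicking on the external link redirects to a fake GroupWise Web Access login.
    If you have entered your BOKU access data in the form,
    please change your password immediately: https://short.boku.ac.at/it-passwort-aendern
    and report the incident to the BOKU-IT Hotline!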
     
  • "BOKU-IT-Hotline - Support"
    "Sie haben 5 ausstehende E-Mails" (English: "You have 5 pending e-mails")
    If you have entered your BOKU access data in the form,
    please change your password immediately: https://short.boku.ac.at/it-passwort-aendern
    and report the incident to the BOKU-IT Hotline!
     
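  • "2 Nicht zugestellte Nachrichten" (English: "2 undelivered messages")
    "Es stehen noch Nachrichten für Ihren Posteingangsordner aus." (English: "There are still messages pending for your inbox folder.")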
     
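  • "IT-Sicherheitshinweis" (English: "IT security notice")
    "Ihr E-Mail-Passwort läuft in 2 Tagen ab, um E-Mail-Passwort und Details zu behalten, KLICKEN SIE HIER, um es sofort zu aktualisieren"
    (English: "Your e-mail password expires in 2 days; to keep your e-mail password and details, CLICK HERE to update it immediately")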
     
  • "BOKU-IT-Services"
    "Sie haben 4 ausstehende E-Mails von der BOKU-IT" (English: "You have 4 pending e-mails from BOKU-IT")

These emails seem to come from BOKU addresses. However, these emails do NOT come from BOKU-IT. Please delete them.

We ask for your help: 

  • If you receive a phishing email that is listed above, despite our extensive countermeasures, please delete it without any further response.
  • If you receive a phishing email that seems to come from BOKU and is not listed here, please inform the BOKU-IT hotline so that we can start countermeasures as quickly as possible. In this case, too, do not respond to the phishing email or visit the internet addresses stated in it.

Please note:

This list, and the request to notify BOKU-IT, applies only to phishing attempts directed at BOKU's IT accounts.

Other phishing emails that are directed at bank accounts or other systems outside BOKU are not specially handled by us. Such phishing attempts are not listed and do not need to be reported. Of course, you should also delete these emails without any further response.

Further information on phishing can be found here: