Information security

Advertising, spam, junk or phishing attempt?

How to distinguish and what to do?

On this page we would like to explain briefly and concisely what the difference is between spam, junk and phishing and how best to deal with them.

Further information and helpful tips are also available from the German Federal Office for Information Security at BSI - How do I recognize phishing in emails and on websites?

What is spam: a definition

What lies behind spam is often more than just advertising - many such messages are aimed at spreading malware or stealing personal data. A clear view of the mechanisms behind spam messages is crucial in order to protect yourself effectively.

  • Differentiate from junk mail: While spam emails are usually sent without permission, many emails marked as "junk" belong to legitimate but annoying promotional messages that you may have subscribed to yourself at some point, for example through an online purchase.
  • Spreading malware: Many spam messages contain attachments or links that can install malicious software such as viruses or spyware. Malspam emails, which download malware onto your device by clicking on an attachment, are particularly risky.
  • Spam filter protection: RPTU email services use spam filters to automatically detect suspicious messages and move them to the spam folder. These filters analyze subject lines, sender addresses and the structure of emails for typical spam patterns.

In this way you can avoid spam

While spam can never be completely ruled out, targeted measures can significantly reduce the risk of becoming a victim of spam.

A conscious approach to your own e-mail address and website is essential.

  • Handle e-mail addresses with care: Only use your e-mail address with trustworthy sources. In the private sphere, it is helpful to use so-called alias addresses - additional email addresses that are used for special purposes such as newsletters.
  • Do not open suspicious links: Never click on links or attachments in emails from unknown senders. Even if the message appears trustworthy, it may be a trap. Use alternative ways to verify contact information, e.g. by contacting official websites directly.
  • Create your own rules: You can define your own rules in your e-mail program to determine when e-mails are automatically moved to the junk folder. If you need help with this, please visit our training website. The Information Security team organizes workshops and training courses on the subject of "e-mail security" at regular intervals together with the computer center.

Recommended measures and procedure at RPTU

If you receive spam and/or phishing messages, proceed as follows:

  • You can forward SPAM messages in a new e-mail as an attachment to spam(at)rptu.de. The e-mails will then be processed and appropriate measures will be taken at the RHRZ. If you use this address, you will generally not receive a reply. You can then either mark the e-mail as "junk" (block sender) and/or otherwise simply delete it.

What is "phishing" and what are phishing emails?

Phishing is a portmanteau word made up of "P" for password and the English word "fishing".

Phishing emails are fraudulent emails that aim to steal personal information such as passwords, usernames, PIN codes, credit card details or other sensitive data.

Unfortunately, we at RPTU also have to deal with this problem on a daily basis. Such emails are now sometimes sent in the design or RPTU look, so the iconic U is intended to tempt the victim to classify the site as trustworthy and to get them to enter their credentials, i.e. username/RPTU account with associated password.

In the past, RPTU members and employees have often been redirected to fake websites by emails giving the impression of checking account details, approving invoices - in the case of students, often extending the supposedly full quota (storage space).

Such emails are not to be trifled with. They can hit anyone at any time and it is essential to handle them correctly.

If you would like to know more about social engineering, spear phishing etc., you will find an article explaining the various types of phishing in more detail in the security warnings section.

Recommended measures and procedure at RPTU

  • Please forward PHISHING messagesas attachments to antivirus(at)rptu.de. The e-mails will also be processed here and the necessary measures will be taken by RHRZ. In this way, you are not only protecting yourself, but everyone at RPTU.
  • Even if you receive an attachment and are unsure whether it may cause damage when you open it, you can forward it to the above address as an attachment. You will be informed of the status. If this takes too long, you are also welcome to contact the hotline or the colleague directly.
  • How do you forward an e-mail as an attachment? Open a new e-mail and drag and drop the SPAM or PHISHING e-mail into the new e-mail. This allows the RHRZ to evaluate additional information and take better measures to protect everyone!

In the event that you have been "taken in" by a phishing e-mail:

  • Please act immediately! Disconnect the computer from the network (switch off the LAN cable or WLAN) and shut it down.
  • Contact your local IT support or the RHRZ support team.
  • Only if you actively reacted to phishing phishing, please also use the report form.

If you have any questions in this regard, you are welcome to contact the Information Security team. We will try to help you further!