Phishing / Spam Mails

How do I recognise a phishing email?

WHO SENT THE MAIL?
If you don't know the name of the sender or the e-mail address contains spelling mistakes, it is probably a phishing mail. 

• Tip:
  Look at the header of suspicious emails. It will tell you the real sender's address. The address is labelled "Return-Path" in the header.

How to show the header in various mail programmes:
Mac / Apple Mail:  Display → Email → All headers
Windows / Outlook: File → Settings → Internet header
Roundcube: More → Show source code

LINKS
They often lead to websites that look like official websites, but actually steal passwords or download malware.

• Tip: 
  Hover over the link in the email (without clicking on it!) This will reveal the real link. If the page is unknown or contains spelling mistakes do not click on the link. 

  Always double check before entering personal data.

THREATS
Any requests to enter personal data on external websites never come from the BURG! 

• Tip:
  Even if a known provider (e.g. Google) is the supposed sender: Check the address and the link with the tips on "Sender" and "Links". Threats are also a sign of phishing (e.g. threats that an account will be deleted or fees will be charged if you don't click on the link)

SPELLING AND GRAMMAR MISTAKES
Phishing emails are often written using translators and therefore tend to contain errors.

• Tip:
  Check the sender's address via the header and the text for spelling and grammatical mistakes.

If you receive a phishing e-mail, you should not click on any links, do not reply and move the e-mail to the spam folder.

Quiz

The aim of the game is to find out whether there is a phishing mail or not.
https://phishingquiz.withgoogle.com