Warning: Ongoing spear-phishing campaign

The Cybersecurity team of Masaryk University is issuing a warning against a wave of spear-phishing e-mails. Spear-phishing is a form of attack in which fraudulent messages are sent to specific individuals, or a group of people, in an attempt to obtain personal information. 
Fraudulent e-mails in this particular instance are being sent from the *[@]upol.cz domain. This might create the impression that the message in question is a legitimate e-mail from Palacký University Olomouc. Obviously, that is not the case. 

What’s going on?

This morning, the Cybersecurity team of Masaryk University detected a wave of spear-phishing e-mails, containing the text “A new notice regarding your salaries 2020”. After this notice there is a link attached redirecting the user to a phishing form with the look and feel of IS MU. The aim of the attackers is, again, to obtain sign-in credentials to this system. 

What to do? 

In the event that you receive a similar message, do not reply to the e-mail, do not click any attached links, and report the message to our team. In case you’re reporting any kind of fraudulent mail, please, send it ideally with the header included. Thank you! 

Conclusion 

Spear-phishing attacks are growing in numbers in these difficult times, trying to trick us into giving out our personal information. If you want to increase your confidence in the cyberspace, we recommend visiting the Self-defense module in our online course Cybercompass. The course is free, aimed at anyone and everyone. Everything important regarding cybersecurity at Masaryk University can always be found at security.muni.cz.