How to recognise phishing emails

The probability of finding a phishing email in your inbox is especially high in the weeks before Christmas. As the number of Christmas gifts purchased from online retailers grows, so do the security risks. One popular tactic is to send a spam email that refers to a fictitious package, saying it can¡¯t be delivered due to unpaid customs or shipping fees.

Such phishing emails land particularly frequently in people¡¯s personal inboxes. But from time to time, you¡¯ll find a message like that in your ETH inbox as well, and you should be wary. For example, you might get a reminder for an unpaid invoice ¨C possibly for a service that you never received.

Safely detect phishing emails

Don¡¯t fall into the trap! Make sure cybercriminals don¡¯t stand a chance by keeping an eye out for the following warning signs in emails:

• Putting on the pressure: Many phishing emails will try to play on your emotions. Phrases like ¡°You must click this link within 24 hours to reactivate your account¡± or ¡°Your account will be blocked¡± are used to create fear, exert pressure and push you to behave in a certain way (provide account details, verification links, buy prepaid cards, etc.). These should make you suspicious ¨C you¡¯re probably being ¡°phished¡±.
• Personal information: Reputable service providers never require their customers to provide passwords or credit card information by email or phone. None of the ETH Services will ever ask you for your password.
• Spelling and grammatical errors: Phishing emails often contain incomplete sentences or grammatical errors. However, even if the text has no mistakes, it may still be a phishing email.
• Delivery time: Phishing emails are often sent at an unusual time of day.
• Salutation: The email will not address you by name.
• Sender: Senders can use fake names to pose as, say, a reputable bank or a supervisor. Check the sender¡¯s address, e.g. by mousing over it, or call the sender if in doubt. However, if you do call, always use the official telephone number that you already have for the sender, never the number given in the email.
• Remember: Never click on links or attachments in suspicious emails.

Safe surfing on external websites

If an email prompts you to visit a website, make sure you¡¯ve landed on the legitimate website before entering any information. Pay attention to the following details:

Is the website¡¯s URL correct?

• Phishing links are ¡°disguised¡± to look like a link to a login page: e.g. https://password.ethz.ch
• Often the text in the URL is slightly changed or contains misspellings: e.g. https://password.ehtz.ch
• The URL might indicate a different destination: e.g. https://password.ethz.ch.free.fr
• If you mouse over the link without clicking and a different, longer domain name appears, it might be a phishing attempt.

Is the connection encrypted (https)?
Does the website have a valid SSL certificate?