In order to understand phishing and the context of the problem in more detail, it is worth making an excursion into social engineering. Social engineering refers to the consideration of social needs (of people).
In the context of security, however, it is the targeted influencing of people to perform actions they would not perform under regular circumstances. This concept works in real life, but also especially online. Psychological manipulation is usually aiming at getting hold of confidential information, encouraging the purchase of a product or the release of financial resources (Spoiler: More on the topic of social engineering in the coming days here in the blog).
The same applies in the context of the Internet. Treacherously, the technology used here is quite dynamic and varies almost daily to steal data and/or money and to cause damage within organizations. This type of attack is therefore difficult to plan and control, so it is very dangerous. All these attacks obey certain rules based on the emotional nature of human behavior. Such knowledge can help us users to act responsibly and be more careful.
One of the most common techniques is the so-called phishing. It is a systematic attack that uses fraudulent e-mails to induce people to do something or to reveal relevant information. Phishing e-mails are structured in such a way that they appear to come from a legitimate company. They can also be really good advertising for a product. Phishing may also be targeted at a specific organization (spear phishing) or at the organization’s leader, such as an organization’s CEO(s) (whale phishing). Unfortunately, attackers often use this method to obtain not only data, but also access to contacts and much more.
As we already mentioned in our blog post “Security first: Beware of phishing mails with RWTH names“, phishing is unfortunately not uncommon. Even the RWTH is not spared.
Therefore we call on you again to be careful and considerate with the received emails. Personal or professional information should not be disclosed. Especially unknown links and attachments should be treated with care. These should not be opened if you are not sure who the e-mail came from. Note: The IT Center will never ask you for personal passwords or similar personal information!
Please report suspicious cases to the IT Center: Simply send the e-mail as an attachment(*) (!!) to both servicedesk@itc.rwth-aachen.de and spam@access.ironport.com. In this way you too can make big contribution to IT security and improve our SPAM filters.
Responsible for the content of this article are Jens Hektor and Julia-Elena Runkel.