Suspicious e-mail messages

Suspicious e-mails

You have probably already encountered an e-mail request to fill in and update your personal data, update the content of our websites, transition to a new web application, avoid password expiration, etc. However, these e-mails are not always sent by the person or institution to which the content of the e-mail relates.

Whenever an e-mail requests the user's login or personal information, one must be very careful, paying close attention to the details. Please take a look at the following samples that should help you identify the authenticity of the e-mail you received and its content.

A fraudulent e-mail with a link to a form dated 9/9/2022

On Friday, 9/9/2022, we noticed attempts to steal login data through a fraudulent e-mail. It baits the reader to click on a link to a web form and thus steal your e-mail address, username, and password. There are clues in the e-mail and the form that indicate that it is an attack: spelling mistakes, a call to the user to make changes under time pressure, and it can be seen that the link leads to an unknown webpage outside of the official uhk.cz structure. If you receive a suspicious e-mail and are unsure of its authenticity, it is always better to contact an OIT employee who will help you with the assessment.

Recommendations in conclusion

• Always check where the link in an e-mail leads you.
• Do not enter passwords to any of your accounts into unfamiliar forms.
• Do not include your username in such forms.