Last week, UT staff and students received an e-mail 'on behalf of the Executive Board' about the need to do more in the field of sustainability. Those who read carefully could recognise that the email did not really come from the Executive Board of the UT. Yet there were quite a few people who did not immediately realise that the mailing was not authentic.
Recognising fake messages
In this case, the mail could be recognised as inauthentic in a number of ways:
- The sender's email address; in this case, it was not a 'regular' ...@utwente.nl-emailadres, but mail addresses from a different domain (33mail.com) were used;
- Links lead to unknown websites; when you hover your mouse over a link, you can see where the link points to. In this case, it was a link to https://stats.sender.net. E-mails of the UT usually contain links that refer to utwente.nl, or pronuntio.utwente.nl;
- Deviating language; the e-mail concluded with "Vriendelijke groet, UT's College van bestuur", which is an unusual signature. Also, unusual and non-existent names such as "UT's Uitvoerend Bestuur" occurred in the email. This is common with texts created using a translation website;
- The content; In this case, the mail contained text that explicitly indicated that it was a fake message. However, not everyone noticed this. Please read mails you don't trust carefully;
- Many grammatical and spelling errors; naturally, we try to send error-free e-mails. Of course, grammatical or spelling errors may occur, but they will be limited;
- A different house style and font; The attentive recipient will have noticed that the layout of the e-mail differs from the regular layout of UT-mailings. Deviating colours, logos and other layouts are common in fake messages;
- Indications of the use of a different online system; In this case, the e-mail showed a logo indicating that the mailings were sent by an e-mail marketing platform unusual for the UT.
Fake messages can usually be recognised by one or more of the above indications. In the rush, not everyone will notice them immediately. Do you not trust the content of an unknown and unsolicited e-mail? Verify it with other reliable sources.
Want to know more about recognising spam, phishing e-mails and other fake messages?
Within our Privacy and Security Awareness programme (PASSWORD) you can follow various training courses called "free plays" to identify them quickly and effectively. Go to https://securityeducation.utwente.nl to follow the training or watch an interesting educational FAKE news video from this platform https://utwente.securityeducation.com/module/avcgfn.
