Phishing e-mails

Phishing e-mails are getting better and better. The hardest ones to spot are those that come from an internal, compromised email account. That's why it's very helpful to make checking the following questions a routine part of reading and handling emails:

  1. Is the message unexpected?
  2. Does the sender match the message and the TU Wien?
  3. Is pressure being built up and are you being asked to transfer money or enter your user name and password?
  4. Is the link contained trustworthy?
  5. Is any attachment trustworthy?

Details on how to answer the five questions can be found at the following link: www.tuwien.at/en/tu-wien/organisation/central-divisions/information-security/news/news/wichtig, opens an external URL in a new window

Theoretically yes. Even if you "only" click on a link this is a dangerous situation. It is possible that a malicious program is hidden in the source code of the page that is accessed. If your antivirus program, Internet browser or operating system is not up to date, you may catch a virus or Trojan by visiting this page.

  • Update your antivirus program and let it scan the entire computer.
  • Take the opportunity to check whether your antivirus program, Internet browser and operating system are doing the required automatic updates.

Note: Instructions on virus protection programs and system updates can be found in TU coLAB at the following link: https://colab.tuwien.ac.at/x/UA6SAg, opens an external URL in a new window. If you use a TU.it terminal, you can find out more about the scope of the service here: https://www.it.tuwien.ac.at/en/services/workstation-support/tuclient .

In this case, you must immediately change your passwords here: https://login.tuwien.ac.at/passwort/mitarbeiter/, opens an external URL in a new window. You need to change both the password for the TU account and the password for upTUdate. Please note that active synchronizations may permanently try to login with the old upTUdate password, which may result in automatic account lockout.
Therefore, please stop active clients that use the upTUdate account for authentication on all devices BEFORE changing the password (see also Services and Passwords for Employees). After setting the new password, please also apply it to the connection settings of all clients. You can then restore the connections.

There are many ways in which e-mail addresses can get into circulation. If you communicate by e-mail, your e-mail address ends up in other people's mailboxes. If these mailboxes are "hacked", the addresses found there are picked up and end up in address lists for hackers. There are programs that explicitly search the web for such address books. However, appropriate mechanisms are implemented in TISS to prevent this.

The number of phishing e-mails basically varies depending on the recipient. There are automatic mechanisms at the TU Vienna, but their effect takes time. The faster a phishing e-mail is reported, the faster the message can be quarantined and thus no longer ends up in the mailboxes of TU Vienna employees. There is a central filter, but there is a rule at TU Wien that spam, scam and phishing e-mails may only be marked as such. Sorting out or blocking is the responsibility of the users. Only if there are attacks and waves that endanger the infrastructure of the TU Vienna, appropriate blocking measures may be set.

Password security

The best way is to use a so-called "password phrase". To do this, think of a phrase and always use the 1st, 2nd or last letter of each word from the phrase in the password.

An example sentence:
I sit in front of the computer and type in my password.

If you now take the first letters of the words, you get "Isifotcatimp". If you replace "p" by "&" and "s" by "3" you get the following strong password: I3ifotcatim&.

More tips can be found at the following link: www.tuwien.at/tu-wien/organisation/zentrale-bereiche/information-security/news/news/istdaseinsicherespasswort1, opens an external URL in a new window

Yes. On the page haveibeepwnd at the following link: https://haveibeenpwned.com/Passwords, opens an external URL in a new window.

The operators of Have I Been Pwned use a complex security mechanism, which makes it unnecessary to store the password. A cryptographic method is used to calculate a unique checksum of the password, which only matches one password and does not allow any conclusion about the password. When the password is entered, the page locally in your browser also creates such a checksum. Then only the first five digits of the hash are sent to the Have I Been Pwned server. It, in turn, sends a list of all the checksums that start with these five characters. The browser then compares the data.

Absolutely. For example, if one of your accounts is hacked, that password can be used to take over other accounts. Remembering all passwords for all accounts is somewhat difficult given the number and complexity of passwords. That is why we recommend the use of a password manager. At the TU Wien you can get the password manager 1password (details can be found at the following link: https://oase.it.tuwien.ac.at/20276609.asHTML, opens an external URL in a new window). Alternatively, you can also use keepass. This is a free opensource product (details can be found at the following link: https://keepass.info/, opens an external URL in a new window).