Executive Department for
Press, Communication and Marketing
Adolf-Reichwein-Straße 2a Gebäude AVZ (Gebäudeteil AR-NA) 57068 Siegen
Phone: +49 (0)271/740-4915 Fax.: +49 (0)271/740-4911 E-Mail: presse@uni-siegen.de
Caution: fraudulent mails
Attention, currently university members are being sent fraudulent emails as well as emails with a malicious file attached. You can find more information here.
Dear students,
Dear employees,
due to recent events, you are receiving an alert regarding various information security incidents.
Currently, university employees are being sent emails whose sender addresses resemble the university's known email addresses. Also, the logo of the University of Siegen is misused there, which gives the impression that the mail comes from the Human Resources Department or the ZIMT of the University of Siegen.
In the mails, university members are asked to validate their e-mail account and to click on a link - please refrain from doing so at all costs.
If you have clicked on the link, please proceed as follows:
1. scan your system. Recommended programs for this are Malwarebytes (link: https://www.malwarebytes.com/) and ADWCleaner (link: https://www.malwarebytes.com/adwcleaner/).
2. if data has already been entered, make sure to change the passwords of all accounts where the affected password is used. Please note that the password applies to all services of ZIMT, including e-mail, WiFi, VPN. The password must also be changed in the corresponding programs (e.g. e-mail program), as well as on all devices used (smartphone, PC, etc.). Otherwise, temporary blocking (15 minutes) of user access may occur.
You can change the ZIMT password here: https://www.zimt.uni-siegen.de/dienste/konto/
You can change the XIMS password here: https://xims.uni-siegen.de/goxims/user?passwd=1
Note: Official mails of the University of Siegen are always digitally signed.
The attackers also try to distribute viruses via an attachment. The attachments with the viruses can be detected and removed by the virus scanners. However, if this is not the case, please do not open these attachments under any circumstances.
At the same time, there are also e-mails in circulation whose subject and content may appear familiar to the recipient from previous messages. These e-mails contain attachments with passwords. The passwords are announced in the e-mail. This is the highly widespread malware "Emotet", which can cause great damage.
Please do not reply to these emails and delete the message.
For more information on how to detect fraudulent emails, click here.
Yours sincerely,
the team of the Information Security Unit
