WARNING: Phishing using CryptShare [CISO, 10.05.2022] a particularly clever attack using the TU's own tools CryptShare and Link Shortener

As of today (10.5.2022), we have received reports of phishing mails being distributed in a particularly dangerous manner.

The subject of the distributed mail is “Antrag auf Deaktivierung des Kontos“.

The mail is not sent directly, but distributed as a file via the TU’s own CryptShare service.

The mail distributed as a file then contains a link that was created via the TU’s own link shortener service.

This link then ultimately leads to a phishing page.

The attack was made possible by a hacked account of a person at TU Braunschweig, presumably by one of the previous waves of phishing.

The IT Service Desk does not distribute mails via CryptShare.

Please do not follow the link in the mail distributed via CryptShare.

If you have already done so, please change all passwords used on your computer for all accounts as soon as possible and carry out a full virus scan and report to the IT Service Desk.

If in doubt, please seek advice from your IT coordinator and/or the IT Service Desk.