...

This email is a good example for the rule that you should ignore (or delete) emails that (1) are from people you don’t know, (2) come out of the blue, and (3) ask you to visit a website or open attachment.

Example 3

Betreff: CL meeting schedule.xlsx
Datum: 16.10.2019 14:04
Von: "Parsons, Michelle" <noreply@youtilita.co.uk>
An: "userID@univie.ac.at"<userID@univie.ac.at>

Hi,

Thank you for offering to find rooms for me for this schedule.   I can eventually attached it!
https://dw2.dropbox-eu.com/?73TE8nod7aaI5eaW-a1140479@univie.ac.at-dDi8Oo12312bO3I3Ez7iTOt4TiaI1sxY1OexrLZaasdd1234145nf8iG47oAy2PJOE46576opeOlH25EHp6ks66u078saahCg7taUu8Uto603aso4zTAagIOioag4KwiocFoAYat42

Thanks again
Michelle

This example is similar to example no. 2. An email that is from (1) somebody you don’t know, (2) comes out of the blue, and (3) and ask you to download a file. (In this case, it’s an Excel speardsheet that likely contains a Macro virus.)

In case of doubt

If you’ve read the list above carefully, you will have noticed there are no hard and fast rules to determine whether an email is fraudulent. You have to use your judgement. If you aren’t sure, call the sender by phone. (If you can’t, then you don’t ‘really’ know the sender and should regard the email as more suspicious for it). You can also ask us, the department’s IT support, for our opinion. We are also happy if you inform us about fraudulent email you got, so that we can warn others; in particular if it’s a well-crafted one.