Department of Agroecology – Staff

Dansk

 AU  Staff Departments  Department of Agroecology Show

Cypersecurity - what can you do?

Universities and companies all over the world are always being targeted by Cybercriminals. It is important to always be aware of the e-mails you receive and the website links you choose to click and visit.

[Translate to English:] Foto: colourbox.com

At the moment there is a large-scale phishing attack against some Danish Universities and we are writing this to help you avoid getting your username and password compromised and compromising AU-data. 

Cybercriminals change their approach all the time to try and bypass the systems we put up to protect our users and data. That is why YOU are important. It is your actions we have the possibility to change.

  1. Urgency:
    • You can rely on Phishing mails being urgent in their wording. It always asks you to act NOW if you do not want to lose access to a system.
  2. Sender e-mail
    • Often, the e-mail-address in the from field will seem like an internal address. If you click reply, you will see the truth (gmail.com or other non-AU-email)
  3. Look at the URL/Link
    • Sometimes, but not always, it is easy to see, that the URL is not a https://au.dk/ link. The Cybercriminals are trying to mask the URLs and make them seem legit. They can easily hide the malicious link in something that seems like an au.dk web-address.
    • If you click and enter the webpage and you think it is a legit au.dk website, please look at the address-bar.
      • Is it https? (will have a padlock in front of the link-name)
      • Does it indeed have an au.dk address or is it something entirely different?
  4. Is this an e-mail you are expecting?
    • It is often e-mails with attachments or requests to pay an amount of money. Is this an e-mail you would expect to receive from that person? Did you purchase something or do you usually receive these types of e-mails? If you receive an e-mail from a colleague asking for you to pay money to an account, always confirm it with that person before paying. If you confirm by e-mail, make sure it is the correct e-mail-address and not a spoof.
  5. If you try and login – what happens?
    • Usually the malicious website will have a login form and when you try to log in, it will give an error. But now it has your username and password. The damage is done, so to speak.
      • Change your password at once. You can find the guide on how to change your password here: https://au.dk/it
      • Do not reuse passwords anywhere. Generate unique and complex passwords and use a password manager to remember them.
    • Sometimes the website will try and install malware on your computer when you load it.

At the moment Cybercriminals are using ‘E-service system upgrade’ and  ‘Library Services’ as a subject and sender (different e-mails), trying to make you go to a site and typing your username and password. The website looks very legit and very similar to an AU-website. Do not be fooled.

Please be ware out there and take care of your username and password. You are the most important defense in AU’s Cybersecurity.

Revised 13.11.2025