For best experience please turn on javascript and use a modern browser!

Starting last week, the UvA and AUAS have been bombarded with phishing emails. The phishing attacks seem designed to send huge amounts of spam from the hijacked accounts. Be alert: do not click on links in these phishing emails and delete the messages from your inbox.

How can I recognise these emails? 
The emails appear to have been sent from the UvA or AUAS and claim that there is something wrong with your mailbox. These are the emails:

Phishing mail
Phishing mail HvA

What if you clicked on a link? 
If you clicked on a link and entered your account details on the page: 

Which steps are being taken at the UvA?

  • Immediately after receiving the reports, we asked the hosting provider to remove the fraudulent website with the login screen. It has done so in the meantime. Employees no longer land there if they click on the link in the phishing email.
  • We have also blocked the page in the UvA environment. This means that anyone working with VPN or from our offices will now see a warning from us if they click on the link. 
  • The accounts belonging to the colleagues who entered their login details on the fraudulent website have been blocked. These staff members have been asked to reset their password.
  • The CERT (the team that investigates and resolves security incidents) is investigating potential abuse of the accounts that were successfully ‘phished’ and subsequently blocked by us. 

Stay alert
We cannot be entirely sure that the phishing attack is now over and therefore we ask that you stay alert and forward any suspicious emails to ICT Services via servicedesk-icts@uva.nl.