Phishing / Attack email sent to our faculty

2025/01/07 Updated

Important Information

• What You Should Know to Prevent Phishing Emails and Targeted Attacks (Information Environment Group, the UTokyo)

• Cyber Attacks Targeting Academic and Think-Tank Researchers (Important Warning) (NISC/NPA, 2022/11/30)

• (Important Warning PDF, Only in Japanese)

• (Summary PDF, Only in Japanese)

• Alert Regarding Re-emergence of Emotet Malware Infection Activities (JPCERT/CC, 2022/05/27 Updated)

  • • How to deal with Emotet malware (Computer Services) 

[Must-read] Security measures users should take (Key things to note on a daily basis)

1. Check "Domain name of sender's email address (after @ mark)"

   • Please make sure that the sender's email address represents the sender's organization (whether the domain name after @ mark is correct). (If you look carefully, it may not be correct.)

2. Check "URL in the email message"

   • Please make sure that URL in the email message represents the sender's organization. (If you move the cursor over URL in the email message (but never click it), the actual embedded URL is displayed at the bottom.)

3. Access from "URL of the official web page (not in the email massage)"

   • When using or confirming each service such as Apple, Amazon, Rakuten, etc., please access from the official URL of each service instead of clicking URL in the email massage.

4. Check "Latest information on phishing / attack emails"

   • Please check the information posted on this page and check whether similar phishing / attack emails are prevalent.

5. Use "UTokyo VPN" when working from home

   • When you works remotely from home, please use UTokyo VPN. (Since communication passes through the university firewall, the possibility of blocking or detecting dangerous communication increases.)

6. Contact point in the event of incidents, etc.

   • As tactics used by attackers become increasingly sophisticated, anyone may access the suspicious URL or open the suspicious attachment without realizing the attack. If you sense that something is wrong, please contact teams in charge of Faculty of Economics (General Affairs Section (Soumu Team) or Computer Services) as soon as possible.

Shared information on Phishing / Attack email inside and outside the UTokyo

• List of shared information on targeted attack (email) on campus (UTokyo-CERT, Only in Japanese)

• Council of Anti-Phishing Japan (Only in Japanese)

• Anti-Span Consultation Center (Japan Data Communications Association) (Only in Japanese)

• Security Information, Information Technology Center, The University of Electro-Communications (Only in Japanese)

• Alert regarding targeted attak email (Information Environment Group, the UTokyo : 2020/01/08, Only in Japanese)

Information provided by various institutions

• Alert Regarding Phishing Scams Targeting Webmail Service Accounts (JPCERT/CC, 2021/11/16 Updated)

• Please do not lightly believe in the false sender information of email! (IPA, 2021/09/21, Only in Japanese)

• Please beware of extortion via email telling you to distribute sexual images and demanding money in cryptocurrencies. (IPA, 2021/09/08 Updated, Only in Japanese)

• Please beware of phishing email targeting webmail services at universities. (IPA, 2018/10/31, Only in Japanese)

Information provided by various companies

• Apple (Japanese / English)

• Amazon (Japanese / English)

• Rakuten (Japanese)

• PayPal (Japanese / English)

• JAPAN POST BANK (Japanese / English)