Enter your keyword

Email Phishing

What is phishing email?
Phishing is the act of obtaining personal information such as User ID, Password and other sensitive data by impersonating an authorized person or organization via an email. The emergence of the term phishing comes from the English word fishing (which means fishing), in this case it lures the target to provide important information such as financial information and passwords it has.

How to identify phishing e-mails?
Here are some phrases you might come across in phishing emails.

  • "Verify your account."
    Legitimate sites will never ask you to send your password or other personal information via email.
  • "If you don't respond within 48 hours, your account will be closed."
    This message has a threatening tone, so you will respond quickly without thinking.
  • “Dear Customer.”
    Phishing emails are usually sent in bulk and do not contain the first or last name of the user.

Example of a phishing email

Example 1

We are having congestion due to the anonymous registration of accounts so we are shutting down some accounts and your account was among those to be deleted.You account has been temporarily disable and needs to be re-validated.
To re-validate your mailbox please enter details below.Full Name:
User Name:
Password:You are to re-validate your mailbox.Note:If your mailbox is not re-validated within 24 hours we shall shut
down this account permanently.”Admin Center Support Team”
Copyright © 2011 Institut Teknologi Bandung

Example 2


Phishing email suggestions

  1. Ignore every email that asks for your username, email address, password, date of birth, even though it's in Indonesian and on behalf of the ITB admin, it's a phishing email trying to steal your email, be careful because the impact can be very fatal, email is your identity on the Internet.
  2. ITB Administrator Never asks for your password. Never give out any information regarding your username and password to anyone.
  3. Examine the email header, see the reply-to section, there you can see that if you reply to the email, it will be sent to an email address that is not an ITB email domain.
  4. If you have already replied to the email, please immediately change your email password and alternative email that you sent to the phishing perpetrator.

If there is any doubt about the email you received, please contact the official ITB admin address: https://dti.itb.ac.id/kontak-dti/