How to spot a phishing email

Most of us would probably think, ok, this is a phishing mail if you received a email from the only relative of the late king of Nigeria explaining that he just inherited 63 million dollars and needs a secure account to deposit the money in. And that naturally, you will receive a modest fee of 20% of the amount for letting him use your account!

But can you always spot a phishing email? The fact of the matter is that phishing emails have become so sophisticated that it can be very difficult to determine whether they actually come from AU, the tax authorities or another public institution. For this reason, students at Aarhus University need to be particularly careful in how they handle emails. 

Typical features of phishing emails

  • Requests that you act now. E.g. before your account is closed, before the money is withdrawn, etc.
  • Requests to disclose confidential information via a link in the email or by answering the email. E.g. passwords or account information.
  • Requests to open attached files.
  • Links which appear to be official or familiar at first glance but reveals a different destination when you move your mouse over them.
  • A sender address which is revealed not to be official on closer inspection. E.g. Aarhus University <>

If you are in doubt as to whether an email is an attempt at phishing, you should contact your local IT support team. Please do not click on attachments or links in suspicious emails. 

If you took the bait

In the event that you receive a phishing email and (accidentally) click on a link, provide sensitive personal information or open an attached file, contact your local IT support team immediately so that we can limit the damage and correct the problem as quickly as possible.