Protection Against Phishing Websites

Dynamic Blocking of Phishing Sites

As soon as the IT Service becomes aware that a website is a phishing site, the Network Services Department automatically blocks access to it from the university network. When a link to a blocked site is accessed from the university network, the following information page appears with a block notice:

Access to https://xxxxxxxxxxxxxxxx/ blocked

The page you are trying to access has been reported to the IT Service, among others, as a homepage that is either used for phishing or redirects to fraudulent sites. Access to the page has therefore been blocked by the central firewall at Otto Friedrich University of Bamberg.

If this is an error, please contact IT Support (Email: it-support@uni-bamberg.de, Phone: +49 951 863-1333).

Figure 1 shows the message again.

Domain owners and hosting providers will be notified of the abuse. The block will remain in effect until the domain owner or hosting provider notifies us that the affected servers have been blocked or deleted.

When evaluating websites for phishing, the IT Service also refers to the lists provided by Fortinet. You can check which websites are listed as phishing sites by Fortinet at the following address.

In the event of a false alarm (or false positive), URLs can be unblocked at any time. In this case, please contact IT Support.

Technical Background of the Block

Linked phishing URLs also use the Hypertext Transfer Protocol Secure (HTTPS). For technical reasons, a warning message therefore initially appears in the browser when a blocked page is accessed. When the page is requested, the browser expects an SSL/TLS-secured response that matches the requested domain. However, the response is delivered to the browser by a firewall in the Network Services Department, and that response contains a certificate from a certification authority unknown to the browser.

Reviewing Emails

In addition, the University of Bamberg’s IT Service checks emails for phishing, provided this is technically feasible. Affected messages containing phishing URLs

  • include the following note in the subject line: [Warning: Suspected phishing/spam]
  • include the link, which has been classified as a phishing attempt, in plain text, along with a note about the phishing attempt
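
For anyone building a mailbox rule or report around this marker, the following added example (not part of the IT Service's page or tooling) finds tagged messages even when the subject line is folded or RFC 2047-encoded, and lists the body URLs in defanged form for a support ticket. The sample messages, the function names and the defanging convention are assumptions made for illustration.

```python
import re
from email import message_from_bytes, policy

TAG = "[Warning: Suspected phishing/spam]"  # subject marker quoted on this page
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

# Constructed sample messages (not real mail): plain tag, tag folded across
# header lines, tag inside an RFC 2047 encoded-word, and an untagged message.
SAMPLES = [
    b"Subject: [Warning: Suspected phishing/spam] Mailbox full\n\n"
    b"Link: https://login.example.test/verify?id=1 (phishing attempt)\n",
    b"Subject: [Warning: Suspected\n phishing/spam] Invoice\n\nNo link here.\n",
    b"Subject: =?UTF-8?Q?=5BWarning=3A_Suspected_phishing/spam=5D_Kontopr=C3=BCfung?=\n\n"
    b"See http://pay.example.test/a.\n",
    b"Subject: Seminar room change\n\nSee https://www.example.test/rooms\n",
]


def is_flagged(msg):
    """True if the decoded, unfolded Subject contains the warning tag."""
    # policy.default has already decoded encoded-words and removed line folds;
    # collapse whitespace and compare case-insensitively.
    subject = " ".join(str(msg.get("Subject", "")).split())
    return TAG.lower() in subject.lower()


def defang(url):
    """Render a URL non-clickable for a support ticket (added convention)."""
    return re.sub(r"^http", "hxxp", url, flags=re.IGNORECASE).replace(".", "[.]")


def triage(raw_messages):
    """Split raw messages into (flagged, clean) by the subject tag."""
    flagged, clean = [], []
    for raw in raw_messages:
        msg = message_from_bytes(raw, policy=policy.default)
        subject = " ".join(str(msg.get("Subject", "")).split())
        if not is_flagged(msg):
            clean.append(subject)
            continue
        body = msg.get_body(preferencelist=("plain",))
        text = body.get_content() if body is not None else ""
        urls = [defang(u.rstrip(".,)")) for u in URL_RE.findall(text)]
        flagged.append({"subject": subject, "urls": urls})
    return flagged, clean
```

Matching on the raw header bytes instead of the decoded subject would miss the second and third sample messages.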

Do you have any questions?

IT Support
Telephone: +49 951 863-1333
Email: it-support@uni-bamberg.de

Network Infrastructure
Telephone: See Employees
Email: netzinfra@uni-bamberg.de