Information on phishing

A phishing email is an email message sent by criminals to get hold of your username and password. Once these criminals have acquired your login details they will use them to, for instance, send SPAM messages from your account. Besides being a source of annoyance to you,  phishing also disrupts UM’s and external email services.

Phishing emails usually have subject lines such as “System Administrator” or “Upgrade Your Mailbox”. Below are the three most common ways criminals use to steal personal information:

 you are asked to reveal your login details by replying to their message;
 you are asked to click on a web link and fill in a web form;
 you are asked to click on a web link which leads you to a, hardly noticeable, imitation of a UM login page.

Please note that these messages are NOT being sent by ICTS or any other UM department. We strongly advise you to delete these emails without opening any links or attachments.

UM SPAM-filter will not immediately recognise all new phishing emails. Therefore, you might still get unwanted emails. However, you can recognise a phishing email by:

 poor use of language;
 a reply-to address  that does not belong to a UM user;
 an internet link (URL) not directing you to a trusted domain.

Maastricht University will NEVER use email communication to ask you to confirm your username and password, so please delete future messages of this type without taking any further action.

Please visit for additional information about the risks of Phishing. For further information contact your local IT staff or Servicedesk-ICTS:  + 31 (0)43 388 5555.