E-MAIL. Some employees have problems with emails not being sent to VGR and Umeå University, among others. This is caused by one of the university’s email accounts being hacked in a phishing attack.
In the phishing attack, the recipient has clicked on a link in an email. Subsequently, SPAM emails that appear to come from a GU address have been sent from IP addresses in Eastern Europe.
Many of these emails have been sent to VGR. The result is that VGR’s spam filter has blacklisted the sending domain, ie gu.se. The blacklisting means that e-mail from GU is can not be delivered until the domain gu.se is whitelisted again.
Central IT has now performed what needed to be adjusted in our IT environment and is waiting for information from VGR and Umeå that they will remove the blacklisting of us in their email systems.
The problem is not related to the security flaw in the Apache log4 software (see news from 2021-12-13) but is entirely due to someone clicking on a link in a phishing email. In this case, the person who clicked on the link has been sitting at an unmanaged computer (ie a computer that is outside the GDA environment and is not updated centrally from the IT unit) and the computer had an old operating system with security holes.
