20 March 2026 12:46

Messages to employees at DTU

Attention: Phishing emails in circulation

DTU is currently experiencing multiple cases of phishing emails, where cybercriminals are attempting to gain access to employees’ email accounts.

These phishing emails appear to come from a known contact and claim that a document has been shared with you.

It is therefore important that you do not click on links or attachments in unexpected emails – even if the sender looks legitimate.

What characterizes the current phishing emails?

The subject line may contain something like:
“[Name] shared ‘Technical University of Denmark’ with you”

The link leads to a fake page that captures your login credentials – even if you use multi-factor authentication (MFA).

The attacker can then send new phishing emails in your name.

Be especially alert if:

  • you do not expect the sender to share a document with you
  • the link does not clearly show a Microsoft or DTU addres

How to protect yourself

  • Be skeptical of unexpected document sharing.
  • Contact the sender through another channel (e.g. Teams/SMS/phone call) if something seems suspicious, and confirm the sharing before opening it.
  • Hover your mouse over the link (without clicking) to see the actual web address.
  • Report the email directly as phishing in Outlook.

If you have clicked

If you have clicked on a suspicious link or entered your password, follow these steps. It is important that you do them in this order to avoid access issues caused by synchronization delays:

1. Sign out of all devices on your Microsoft account

Go to: My Sign-Ins | Security Info | Microsoft.com

Click “Sign out everywhere”.

This immediately stops any unauthorized access.

2. Review your account activity (optional)

If you wish, you can check for suspicious activity here: My Sign-Ins | Recent Activity | Microsoft.com 

When you report an incident, AIT will also investigate any potential suspicious activity.

3. Change your DTU password

Go to: https://password.dtu.dk

Change your password here. This ensures that your login synchronizes correctly between DTU and Microsoft.

4. Report it as an IT security incident via the Service Portal

5. Report the email directly in Outlook

(right‑click the “Report message” button).

Read more about phishing here.

Thank you for helping protect our shared digital security.

List settings

Go to messages.dtu.dk

Kathrine G. Starris

Last updated by:

Kathrine G. Starris

Does not push to email