Beware of phishing

At the moment there are scam emails circulating, falsely made to look like they originate from KI. The sender is trying to obtain the password to your KI account. This is a type of email fraud called phishing.

The scam emails contain a link that leads to a fake KI login page. On this web page, which looks as if it belongs to KI, you are urged to enter the user name and password to your KI account. Once you have entered your account details, you may be directed to https://kib.ki.se/en/finder/databases. This indicates that there is something wrong, and that your login details may have fallen into the wrong hands.

  • Be careful if you receive an email that urges you to click a link to log in to a website using your KI account details. 
  • Immediately change your KI account password if you suspect that your account details may have been compromised.
  • Change your password at account.ki.se

Three questions to ask yourself whenever you receive an email containing a login link

  1. Did I expect to get this email?
    If you recently clicked an “I forgot my password” link on a website, it is likely that you would get an email shortly after, containing a temporary login link.
  2. Is this person or system familiar?
    Was this email sent to me by somebody I know and that has a reason to send me this link?
  3. Where will this link lead me?
    Before clicking a link, place your mouse cursor over the link to see where it will take you. Just because a URL contains words like “login.kib.ki”, this does not necessarily mean that the web page belongs to Karolinska Institutet or the University Library. Misspelling or adding extra letters to a known URL are common tricks that scammers use in order to make you think that a web page is safe and connected to an organisation that you trust.