Just some Links:

• BSI Phishing erkennen
• Phishing im Netz erkennen und vorbeugen
• UOL- DSM FAQ
• Verbraucherzentrale Phishing erkekennen

Und doch noch mal ein eigener Text:

Due to recent incidents we would like to remind you how to take care of spam and phishing mails.

Since even in hacker circles there is a shortage of skilled workers, most spam/fraud is not too intelligent (=dangerous), but thanks to DeepL and ChatGPT at least it looks not that bad anymore. That means it's getting more difficult to detect, On the other hand: looking at the mail is usually still without danger and most of the time clicking on links is not harmful either. Entering anything on the linked pages is FATAL in case of a phishing site.

There are a few basic rules you should follow within EVERY mail:

No matter where the mail comes from and in which program you look at it: BEFORE you click on any link, look in the mails header for the full sender (if you can see it) but that's just a first clue. After that, look at the exact link you want to click on. To do so hover your mouse over the link and the real destination should usually be displayed in the lower left corner (on cell phones, usually long-click the link). After you have clicked on a link, look at the top of the browser address page to see if this is really the institution you want to go to. A few examples to try out:

ICBM IT
ICBM IT
„https://uni-oldenburg.de∕.si42.de/icbm”

None of these links directs to an ICBM or other university page! Last one has to be copied by hand, but obviously it is 'uni-oldenburg.de' between the first slashes after https ;)

This practice of checking links BEFORE and AFTER clicking also applies to clicking links in web pages.