To path indicator Subpages of “Newsdetail“ To navigation To quick access To footer with other services
To content
Studierende sitzt am Arbeitsplatz und schaut auf den Laptop. © Aliona Kardash​/​TU Dortmund

Phishing mail allegedly from the rector

There is currently a phishing mail circulating with the subject "Are You Available?" purportedly sent by the rector. Delete this mail.

There is currently a phishing mail circulating with the subject "Are You Available?" purportedly sent by the Rector. Delete this mail. The mail is from the sender "directormail@list.ru>" which we are now blocking.

In the plain name of a mail, as on the sender of a physical letter, there can be any text, so also for example "Olaf Scholz". There is no technical way, other than using signed mails with certificates, to prevent this. Unfortunately, many mail programs, such as Outlook, no longer display the mail address if a plain name is specified in the mail header.
It is also easy to forge sender addresses, but we now observe more often that people do not bother to do this, but just forge the plain name.

However, in Outlook you can switch on the display of the sender address permanently for a folder in the overview:

View - Add Columns - New Column - "Formula" - Add "[searchfromemail]" and group it appropriately with "up".

Here is an illustrated tutorial that works analogously with a current Outlook:

www.seplura.de/e-mail-absender-adresse-eingehender-mails-anzeigen/

In the Thunderbird mail program, this functionality is easier to implement using the "Full Address column" add-on.

The attacker's trick is well known. After contacting the victims, the attacker tries to get them to buy vouchers for their superiors, e.g. for Amazon. In such cases (payments/solicitations from superiors) we always advise to have it confirmed on an independent channel by phone.

Even better against such fraud schemes, however, is the use of SMIME-signed mails with personal certificates. In the SMIME process, mails can be digitally signed, which is what makes legally secure communication by mail possible in the first place. This ensures both the integrity of the sender and the integrity of the mail content.

Instructions for the SMIME procedure, which is also offered by the ITMC at the TU, can be found in the service portal at:

service.tu-dortmund.de/group/intra/e-mail-sicherheit

Please also warn your colleagues, as it is quite likely that they have also received such a mail.

 

To top of page