Message Authenticity
Echtheit von Nachrichten
Sender Forgeries
It is common for phishing and spam emails to use for the sender address A very common method is to change the sender name to a university mail address, while the real sender address is entirely different.
In the webmailer Roundcube the sender address is always shown behind the sender name
We get quite a few calls, that messages have been sent from university addresses, sometimes even to local colleagues. Almost all of these are cases of address forgery, hacked accounts or malware infected computers are relatively rare.
In most cases, forgeries are easily detected if the message is examined closely.
Relatively rare, but not unknown are complete adress forgeries. It is entirely possible to send an email with a university adresse from outside the university. Because the way email is structures, such total address forgeries can only ever be detected, not entirely prevented. There are even legitimate use cases for others to send mail with university address
Digitally Signed Messages
Mails from the computing center are digitallly signed whenever possible. Such a digital signature can be validated and displayed by mail applications: