Echtheit von Nachrichten

Sender Forgeries

It is common for phishing and spam emails to use for the sender address A very common method is to change the sender name to a university mail address, while the real sender address is entirely different.

In the webmailer Roundcube the sender address is always shown behind the sender name

We get quite a few calls, that messages have been sent from university addresses, sometimes even to local colleagues. Almost all of these are cases of address forgery, hacked accounts or malware infected computers are relatively rare.

In most cases, forgeries are easily detected if the message is examined closely.

Relatively rare, but not unknown are complete adress forgeries. It is entirely possible to send an email with a university adresse from outside the university. Because the way email is structures, such total address forgeries can only ever be detected, not entirely prevented. There are even legitimate use cases for others to send mail with university address

Digitally Signed Messages

Mails from the computing center are digitallly signed whenever possible. Such a digital signature can be validated and displayed by mail applications:

• Roundcube displays a green banner indicating the message is signed and the signature is valid
  
• Thunderbird displays a sealed envelope
  
• Microsoft Outlook shows a ribbon and short message