Security when dealing with e-mails
Security
To handle your e-mails and passwords securely, please attend to the following points:
It’s easy to spoof the sender of an e-mail.
Never assume an e-mail is authentic just because you know the (alleged) sender. If you’re unsure, ask the sender. If you are the alleged sender, you need to be especially careful.
Note: If there is any doubt, never open attachments or click on links!
Links in e-mails can lead to websites containing malicious code.
A link can also target a 'phishing' website on which you will be induced to disclose confidential data (such as your passwords). Moreover, the target of a link can be concealed, preventing you from seeing the website to which it will finally lead.
Note: You should never click on links that you receive unexpectedly!
Attachments can contain malicious code.
E-mail attachments are frequently used to distribute computer malware. If you open such an e-mail attachment, the malware will become active.
Note: You should open attachments only if all the following conditions are met:
- The e-mail really does come from a sender who is known to you and from whom you are expecting an attachment,
- The e-mail and attachment match the form and structure of your e-mail partner’s previous communication style (for example, it’s suspicious if you receive an e-mail in English when you’ve been communicating in German),
- The attachment (or the content of a file archive in the attachment) contains no files of critical file types (including BAT, COM, JS, EXE, PIF, SCR, and VBS).
Unfortunately, it’s impossible to block all potentially dangerous file types in e-mails, since productive work would otherwise be severely restricted.
Note: Please note that malware contained in attachments of other file types can therefore still reach your mailbox.
For further information, please read our Informational letter with recommendations for handling e-mails.
E-mail attachments are frequently used to distribute computer malware. If you open such an e-mail attachment, the malware will become active.
In order to reduce the risk of these kinds of malware infections, e-mails with the following components are rejected at the ZIM's central e-mail gateway and not delivered to the recipient:
- E-mails whose attachments contain one of the following file types (this also applies to archives (such as zip or rar)): ade, adp, app, asp, bas, bat, bhx, cab, ceo, chm, cmd, com, cpl, crt, csr, der, exe, fxp, hlp, hta, inf, ins, isp, its, js, jse, lnk, mad, maf, mag, mam, mar, mas, mat, mde, mim, msc, msi, msp, mst, ole, pcd, pif, reg, scr, sct, shb, shs, vb, vbe, vbmacros, vbs, vsw, wmd, wmz, ws, wsc, wsf, wsh, xxe, docm, dotm, xlm, xlsm, xltm, xla, xlam, xll, pptm, potm, ppam, ppsm, sldm, accda, accde, and mdt
- E-mails that contain iframes or similar embedded content.
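As an added illustration of how a gateway rule of this kind can be applied (example code written for this page, not ZIM's or eXpurgate's implementation), the following Python script parses a message, compares the extension of every attachment, including the members of a zip archive, against the list above, and flags HTML bodies that embed an iframe. The sample messages are constructed inline; opening only zip archives (rar would need a third-party module) and treating an unreadable archive as blocked are assumptions of the example.

```python
import email
import io
import re
import zipfile
from email import policy
from email.message import EmailMessage

# File types rejected at the gateway, taken from the list on this page.
BLOCKED_EXTENSIONS = frozenset("""
ade adp app asp bas bat bhx cab ceo chm cmd com cpl crt csr der exe fxp hlp hta
inf ins isp its js jse lnk mad maf mag mam mar mas mat mde mim msc msi msp mst
ole pcd pif reg scr sct shb shs vb vbe vbmacros vbs vsw wmd wmz ws wsc wsf wsh
xxe docm dotm xlm xlsm xltm xla xlam xll pptm potm ppam ppsm sldm accda accde mdt
""".split())

# Assumption of this example: only zip archives are opened (rar needs a third-party module).
ARCHIVE_EXTENSIONS = frozenset({"zip"})

IFRAME_RE = re.compile(r"<\s*iframe\b", re.IGNORECASE)


def extension_of(filename):
    """Lower-cased final extension of a file name ('' if none); archive members may carry a path."""
    name = filename.replace("\\", "/").rsplit("/", 1)[-1]
    return name.rsplit(".", 1)[1].lower() if "." in name else ""


def blocked_names_in_zip(data):
    """Names of zip members whose extension is blocked; an unreadable archive counts as blocked."""
    hits = []
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if not info.is_dir() and extension_of(info.filename) in BLOCKED_EXTENSIONS:
                    hits.append(info.filename)
    except zipfile.BadZipFile:
        hits.append("<unreadable zip archive>")
    return hits


def gateway_verdict(raw):
    """Apply the page's two gateway rules to a raw message; returns (accepted, reasons)."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    reasons = []
    for part in msg.walk():
        if part.get_content_maintype() == "multipart":
            continue
        filename = part.get_filename()
        if filename:
            ext = extension_of(filename)
            if ext in BLOCKED_EXTENSIONS:
                reasons.append(f"blocked attachment type: {filename}")
            elif ext in ARCHIVE_EXTENSIONS:
                for member in blocked_names_in_zip(part.get_payload(decode=True)):
                    reasons.append(f"blocked type inside {filename}: {member}")
        elif part.get_content_type() == "text/html" and IFRAME_RE.search(part.get_content()):
            reasons.append("HTML body contains an iframe")
    return (not reasons, reasons)


def make_zip(members):
    """Build an in-memory zip from {name: bytes} (constructed test data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    return buf.getvalue()


def build_sample(attachment_name, attachment_bytes, html_body=None):
    """Construct a sample message (not real mail) with an optional attachment or HTML body."""
    msg = EmailMessage()
    msg["From"] = "sender@example.org"
    msg["To"] = "user@example.org"
    msg["Subject"] = "constructed sample"
    if html_body is not None:
        msg.set_content(html_body, subtype="html")
    else:
        msg.set_content("See attachment.")
    if attachment_name:
        msg.add_attachment(attachment_bytes, maintype="application",
                           subtype="octet-stream", filename=attachment_name)
    return msg.as_bytes()


if __name__ == "__main__":
    samples = {
        "pdf": build_sample("report.pdf", b"%PDF-1.4 constructed"),
        "exe": build_sample("setup.exe", b"MZ constructed"),
        "zip": build_sample("docs.zip", make_zip({"readme.txt": b"ok", "invoice.js": b"// constructed"})),
        "iframe": build_sample(None, b"", html_body="<p>Hi</p><iframe src='https://example.invalid'></iframe>"),
    }
    for label, raw in samples.items():
        accepted, reasons = gateway_verdict(raw)
        print(f"{label}: {'accepted' if accepted else 'rejected'} {reasons}")
```

The check looks only at the final extension, which is exactly why the page's note about other file types still applies: a renamed or double-packed file passes this rule, so the user-side conditions above remain necessary.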
Spam protection
Distributing unsolicited advertising and mass e-mails, also known as 'spam', has become a serious and rapidly growing problem. Storing spam in e-mail accounts does more than tie up network and server resources unnecessarily.
Valuable working time is also lost through monitoring and deleting spam and constantly maintaining filter rules for sorting out such e-mails.
Viewing spam runs the risk that harmful programs will infiltrate and cripple computers or the network. Furthermore, customary server solutions that flag spam automatically do not always work satisfactorily: e-mails that are falsely labelled as spam usually go unnoticed.
The ZIM deploys a widely used procedure that automatically marks spam messages at the incoming mail server and delivers them to the recipients. To drastically reduce expenses, the entire university uses an efficient procedure with the product name 'eXpurgate'.
In that procedure, all incoming e-mails are automatically examined for spam before they are accepted and, if spam is confirmed, are immediately returned to the sender. Your e-mail account will not be burdened with e-mails that can be classified as spam.
The spam recognition rate is very high, but unfortunately not 100%. Therefore, unsolicited e-mails (especially those with falsified sender addresses) will occasionally reach you, and you must treat them with the necessary caution. The system also has a very low rate of e-mails that are falsely treated as spam, and these are not lost without trace, because returning them to their sender provides feedback.
Notice: If you really want to have spam messages delivered, please get in touch with ZIM Support.
Phishing
'Phishing' involves fishing for passwords and confidential data in supposedly legitimate e-mails. The scammers either ask you to click on a link as quickly as possible or to enter the data directly in the e-mail. This will give them access to your privacy.
Note: When it comes to managing your password, ZIM will only send you links that redirect you to the identification portal at the URL www.zim.uni-passau.de/kennung/. This page is secured with a TLS certificate, so its origin can easily be verified.
You can recognise phishing e-mails, and protect yourself from them, by watching for the following signs:
- Impersonal form of address: You are not addressed directly by name.
- Suspicious e-mail address: In the sender address, for example, an 'o' is replaced by a '0', or it contains additions such as 'Service' or 'Info'.
- Suspicious link: You are prompted to click on a link. Although the displayed text appears to be correct, the link redirects you to a fake page that looks very similar to the original. If you move the cursor over the text, the actual URL of the link will appear (usually at the bottom left). As in the e-mail address, letters can also be replaced by numbers in the URL.
- Time pressure: You are told you need to act quickly.
- Threats: You are told that your account will be suspended or similar.
Note: Do not enter any data and do not click on any links if you have even the slightest doubt about the authenticity of an e-mail.
Do you want more information about phishing?
ZIM recommends the following websites:
- On the website of the ZIM IT Security Officer you will find general information, statements and recommendations on the subject of security, including phishing.
- The BSI (Federal Office for Information Security) provides detailed information on the subject of phishing, including examples of phishing attacks.
- The NRW consumer advice centre runs a phishing radar where you can find out about current scam attempts.
Support
If you are unsure about the authenticity of e-mails of this type, forward them as attachments to ZIM Support and delete them from your mailbox.
Note: ZIM News informs you about current phishing attacks. You are welcome to subscribe to our RSS feed to keep up to date with new events.