IT Center Blog

Safety first: Beware of Phishing Mails with RWTH names!

December 9th, 2019 | by


Students and RWTH employees often receive e-mails from official university addresses in their digital mailboxes. But if the sender says “RWTH”, are they really from a person who is a member of the university?


Unfortunately not always and therefore caution is necessary!


Caution before opening your e-mails!
Source: Pixabay

There are so-called E-mail Phishing attempts at the RWTH and therefore it is important to check before opening the message whether it is a secure sender. The dangerous thing about phishing e-mails is that they usually appear very realistic and official and that’s why they increase the risk of students and staff being lured into an identity theft trap, for example.


Phishing Mails have fake senders and titles, or logos are misused, so it is important to know what the “real” e-mails at RWTH represent: Many of the official university email addresses are signed and with S/MIME. This means that the employee and collective e-mail addresses have a security certificate.


This can be recognized even without opening an e-mail by a small red symbol next to the sender. This signature appears a little different in Thunderbird and AppleMail, but in a similar form:


E-Mail certificate sign


The IT Center is strongly opposed to phishing emails because they can have serious consequences, such as blocking RWTH addresses from other providers so that emails can no longer be sent and even contact with the public prosecutor’s office.


Since not all university emails are signed as shown above, it is important to take a close look at them and check the sender address. If something appears suspicious before opening the message, the mail should not be opened and no links contained in it should be clicked on. If this happens, the computer should be urgently checked for viruses.


If you suspect that your account is being misused, all passwords should be changed  using our Selfservice page. In any case, the IT Center must be informed immediately so that further measures can be taken.


Responsible for the content of this article are Jana Baur and Liza Schwarz.

Comments are closed.