general:mail
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
general:mail [2023-10-12 11:47] – [Mail] Markus Rosenstihl | general:mail [2024-03-05 10:27] (current) – [Phishing] Markus Rosenstihl | ||
---|---|---|---|
Line 3: | Line 3: | ||
Every member of the IPKM has an email address with the scheme **name.surname@pkm.tu-darmstadt.de**. | Every member of the IPKM has an email address with the scheme **name.surname@pkm.tu-darmstadt.de**. | ||
- | < | + | <WRAP round tip> |
Please note that this mail account is completely independent to your TU-ID and your mail address from the university' | Please note that this mail account is completely independent to your TU-ID and your mail address from the university' | ||
Line 34: | Line 34: | ||
- | <WRAP warning round 60%> | + | <WRAP warning round> |
===== Security ===== | ===== Security ===== | ||
Most important points: | Most important points: | ||
Line 82: | Line 82: | ||
Auch Gewinnspiele in Zeitungen oder Einkaufszentren sind für Adresssammler eine ergiebige Quelle. Lesen Sie daher stets das Kleingedruckte, | Auch Gewinnspiele in Zeitungen oder Einkaufszentren sind für Adresssammler eine ergiebige Quelle. Lesen Sie daher stets das Kleingedruckte, | ||
+ | |||
+ | (English transaltion) | ||
+ | |||
+ | There are various ways in which your email address ends up in the hands of spammers. This happens automatically through so-called harvesters: small programmes systematically search websites and harvest all email addresses found, for example in guestbook entries or in the imprint. Often, however, addresses are simply put together at random from frequently occurring combinations - for example, according to the info@domain.de scheme. | ||
+ | |||
+ | Competitions in newspapers or shopping centres are also a rich source for address collectors. Therefore, always read the small print before you enter your e-mail address in any entry form. Last but not least, the commercial trade in e-mail addresses for advertising purposes has become a flourishing business. Professional traders usually have huge databases with many millions of e-mail addresses. However, according to observations by the BSI, the trade in illegally acquired addresses stolen from infected systems is also on the increase. | ||
==== Phishing ==== | ==== Phishing ==== | ||
Line 93: | Line 99: | ||
From the BSI, retreived 2021-11-16 | From the BSI, retreived 2021-11-16 | ||
+ | |||
+ | (English translation) | ||
+ | |||
+ | Those who want to spread viruses and worms via email like to hide behind legitimate-sounding sender addresses: both spam and phishing email senders use them to disguise their true identity. This is because sending spam is illegal in Germany. In addition, the trustworthy name is intended to increase the chance that a recipient will actually open the email. | ||
+ | |||
+ | A look behind the technical scenes: Special computer worms misuse e-mail addresses in order to multiply: They send themselves to every address they discover on an infected system. To do this, they search through contact folders and HTML files, among other things. Most browsers store recently visited websites for a certain period of time in a so-called cache, which thus becomes a rich source of addresses for resourceful computer worms. | ||
+ | |||
+ | A second starting point for address forgers are incorrectly configured e-mail servers that can process any e-mail address. This can also be used to send e-mails with a forged sender. In contrast, a correctly configured e-mail server only sends and receives e-mails from a specific address range. | ||
+ | |||
+ | |||
+ | |||
==== CEO Fraud ==== | ==== CEO Fraud ==== | ||
Line 103: | Line 120: | ||
Diese Art von Spam kommt auch bei uns manchmal vor, bitte auf die Mailadressen achten. | Diese Art von Spam kommt auch bei uns manchmal vor, bitte auf die Mailadressen achten. | ||
+ | (English translation) | ||
+ | CEO Fraud (also known as Business Email Compromise (BEC), Fake President Fraud (FPF) or Bogus Boss Email) is a scam in which companies are manipulated into transferring money using false identities. | ||
+ | |||
+ | Typically, the emails are well forged and appear to come from a member of the company management. These emails instruct the transfer of large sums of money to a foreign bank account for supposedly legitimate reasons. However, very good forged letters (logos of federal authorities, | ||
+ | |||
+ | [[https:// | ||
+ | |||
+ | This type of spam also sometimes occurs in our organisation, | ||
====== Custom Spam Filter ====== | ====== Custom Spam Filter ====== | ||
Der Filter auf unserem Mailser war zu restriktiv und zu viele Mails wurden fälschlicherweise als Spam deklariert und in den Spam/Junk Ordner verschoben. | Der Filter auf unserem Mailser war zu restriktiv und zu viele Mails wurden fälschlicherweise als Spam deklariert und in den Spam/Junk Ordner verschoben. |
general/mail.1697104074.txt.gz · Last modified: 2023-10-12 11:47 by Markus Rosenstihl