direkt zum Inhalt springen

direkt zum Hauptnavigationsmenü

Sie sind hier

TU Berlin

Page Content

Tagging of external Emails

Starting June 20th 2022, ZECM activates a new security feature on its central mail server: External emails to TU accounts managed by the ZECM mail server will be tagged with a notice in their subject. This affects, for example, all student email addresses as well as all email addresses ending in "@tu-berlin.de" without further subdomains.

TU institutions with their own email servers, such as the Mathematics and Physics departments of Faculty 2, do not participate in the procedure. This means that incoming external emails are not marked there. At the same time, emails from accounts of these servers are considered as external messages by the ZECM server and marked accordingly.

This marking of external emails is activated automatically and bindingly for all TU email accounts. Depending on the email format, it may also be found in the body of the email.

What does the Tagging of external Emails look like?

1. Mime and signed Emails

Lupe

This type of email is used, for example, for signed or encrypted emails. The body of signed emails cannot be modified for technical reasons. Therefore, the note is added here solely in the subject header of the email:

2. Multipart/HTML Emails.

Lupe

In this email format, the note is also added in the body of the email as an HTML tag in addition to the subject:

3. Plain-text Emails

Lupe

Pure text emails receive the tag in the subject as well as directly in the body of the email:

Why are external Emails tagged?

By tagging external emails, ZECM, operator of the central TU email server, increases IT security in accordance with TU Berlin's IT security concept and makes it easier for you to detect phishing attempts.

TU Berlin with its more than 40,000 members is continuously targeted by phishing attacks. Up until now, 10-20 email accounts are captured by phishing at the TU Berlin every week. The measure serves to reduce this number. The senders of phishing emails often pretend to be TU members by using fake TU email addresses or sender addresses that look like legitimate TU emails at a cursory glance.

What to do if You receive an external Email?

An email marked as "External" does not have to be malicious or dangerous. Even legitimate emails from partners, colleagues, or acquaintances outside of TU are now tagged as "External".

Tagging serves as an aid to raise awareness of potentially risky emails:

  • Does the message come from a sender you know? Were you expecting the message? If in doubt, pick up the phone and ask the alleged sender if they wrote to you.
  • Are you asked to click on a link in the email? If so, please be especially careful and follow the instructions for recognizing spam emails from our "Kurzpräsentation Phishing" (German) at https://www.tu-berlin.de/?222271. If you are directed to a page that asks you to download a file or enter your login data, please always check the address line of the website in your browser as a precaution.
  • Is the content of the message credible and realistic? Is the sender trying to put you under pressure, e.g. by setting tight deadlines or imposing restrictions for non-compliance? Be skeptical and don't be intimidated by threats.

Dangers of Phishing Emails

The targets of attacks range from stealing personal access data such as that of the TUB account, online banking or shopping, to attempts to break into the TU network. Malicious actors try to deceive members of the TU and pretend that they are legitimate emails from trusted senders. If emails are marked as "External" in the future, it is easy to recognize that these are not emails from members or institutions of the TU with "@tu-berlin.de" addresses.

Please be sure to note that this does not automatically mean that emails from legitimate email addresses are safe! This measure reduces the risk of attacks from within the TU network, but it cannot guarantee complete security.

Is it possible to deactivate the Tagging of external Emails?

No, the function is mandatory for all email accounts on the ZECM‘s central email server and is used to identify emails from external or unknown sources.

Additional Information

For more information on how to handle emails securely and how to work with ZECM services securely, see https://www.tu-berlin.de/?222219 (German) and the FAQ at https://www.tu-berlin.de/?222406 (German), which deals with phishing emails, among other things.

Zusatzinformationen / Extras

Quick Access:

Schnellnavigation zur Seite über Nummerneingabe

Auxiliary Functions