Escape phishing wave from Google domain

Heed the warning **EXTERN** in the subject of e-mails

2021/12/14

Fraudsters are posing as TU members in a current phishing attack via gmail accounts. A note in the subject line should now draw attention to e-mails sent from outside.

There is currently a massive wave of emails circulating again (especially from Google adresses), in which the sender pretends to be a supervisor, for example, and requests an action (e.g. payments).

For the recipient, only the sender's name is directly recognisable in Outlook, but not the e-mail address.

Example:

Sending address “Prof. Stefan Forsch” <harry@gmail.com>

Only “Prof. Stefan Forsch” appears in the recipient's Outlook.

Be vigilant with **EXTERN** in the subject line

In order to be more vigilant and to be able to identify these mails better, in future every mail not originating from the TU network from a Google adress will be prefixed with **EXTERN** in the subject.

For all mails with the prefix **EXTERN**, first check the sender's address thoroughly and only open the mail after it has been successfully checked – otherwise: delete it unopened or put it in the SPAM folder.

More information on phishing attacks and IT security can be found on the IT security pages of the TU Darmstadt.