- De
- En
E-mails from central systems such as the Account Management are sent exclusively via sender addresses that end with “@gwdg.de” and use a digital signature. It happens that faked e-mails, that seem to come from the GWDG at first sight, find their way into users’ inboxes. We always inform our users as soon as we become aware of such an e-mail. These e-mails may contain links to phishing websites, spam or attachments with malicious content. It is important to know that we will never request a password by e-mail or any other support channel.
Our websites generally (and especially when displaying and requesting user data) use encryption and contain a digital certificate. Unfortunately, however, it happens that, especially in phishing, e-mails contain links to websites that look very similar to ours. On these pages, users are then usually asked to enter user data such as their user name and password.
We only send emails from central systems such as the Account Management via sender addresses that end in
“@gwdg.de” and use a digital signature. Depending on the email program used, the message is displayed differently.
Often an icon, e.g. , indicates a signature or the word “Signed” next to the email.
Example: Apple macOS Mail
Clicking on the icon or “Signed” opens a detailed window with further information on the signature certificate. The certificate chain can be viewed and checked here. The GWDG works with the DFN-Verein, which has concluded a contract with the certificate management “Sectigo RSA”. In the certificate chain of our signature, the “Sectigo RSA” is therefore specified within the chain. Older certificates before 2022 use the prior certification service of “DFN-Verein”.
Our websites generally (and especially when displaying and requesting user data) use encryption and contain a digital certificate. Links to our websites therefore always begin with “https://”. Common browsers also display a padlock symbol if the connection is secure.
Example: Apple Safari
Clicking on the symbol or “Signed” opens a detailed window with further information on the certificate. Here you can the certificate chain can be viewed and checked. The GWDG works together with the DFN-Verein, which has concluded a contract with the certificate management “Sectigo RSA”. The DFN-Verein (or “Sectigo RSA”) is therefore always specified as the certification authority in the certificate chain.
In our GWDG-News Special 1/2014 the topic „E-Mail und Zertifikate“ has been covered extensively. From the application and installation to the use of certificates in various e-mail programs.
Phishing describes e-mails that are fraudulently sent to a large number of people in order to obtain private information such as user names or passwords, as well as websites with the same purpose. These emails or websites can look deceptively genuine and be disguised as legitimate. It can therefore be difficult to recognize fake e-mails or websites as such, as the style, color and choice of words or entire text excerpts from trustworthy e-mails and websites.