How to recognize our messages and what to look out for:
A guide for our customers, applicants, and partners to recognizing valid e-mails from Evonik.
E-mails are fundamentally not a secure means of communication. The structure of an e-mail corresponds to that of an ordinary letter, which means that the sender can be entered or falsified as desired. Without further measures, the recipient therefore cannot verify the actual sender of an e-mail.
Evonik always uses the domain evonik.com or <xyz>.evonik.com as the sender (the domain is the trailing section of an e-mail address after the @ sign), e.g. info@newsletter.evonik.com. However, e-mails with these senders are not safe per se, as they too can easily be faked. Conversely, an e-mail that claims to come from Evonik but has a different sender is a very good indicator of a bad forgery. This applies in particular to similar-looking domains such as evoniik.com, euonik.com, or evomik.com.
So as a matter of principle, do not trust the sender and check the content of the email for consistency and legitimacy. If in doubt, always contact your internal IT department and/or report suspicious e-mails to your IT security team. If you have a contact person at Evonik, you can also contact them. However, under no circumstances should you use contact data from the suspicious e-mail for this purpose, but rather a telephone number you already know; only in an emergency should you make contact via a new e-mail to a known @evonik.com address.
Only additional technical methods can be used to verify whether the sender of an e-mail is genuine. Therefore, we recommend these steps to increase security:
1. In mail programs that use "BIMI" (Brand Indicators for Message Identification), the Evonik logo is displayed next to the e-mail after successful verification.
2. Unfortunately, Microsoft Outlook does not support "BIMI", but if configured accordingly by the IT department, it will mark those e-mails that cannot be successfully verified (see Microsoft support: How can I identify a suspicious message in my inbox?).
3. If your email program does not support "BIMI" (e.g. Outlook), contact your IT department or IT security team with the information for IT professionals.
Evonik uses the following sender domains:
- @evonik.com
- @<xyz>.evonik.com (e.g. @newsletter.evonik.com)
- Short URLs evonik.click, evonik.media, evonik.finance and evonik.social
- Product-specific special domains about which the recipient is informed in advance (e.g. RiSource, Ariba, Microsoft Sharepoint)
Evonik uses SPF, DKIM and DMARC for the technical validation of its own e-mails:
- All authorized mail servers are documented in the SPF records
- All e-mails are DKIM signed
- A DMARC record is set for all domains
If the above techniques are used for verification, the user can rely on the authenticity of the sender (with Brand Indicators for Message Identification [BIMI] this is done automatically). We strongly recommend making use of this verification and implementing the following measures:
- Accept incoming e-mail only from existing domains, and do not deliver e-mails that fail an SPF check to users.
- Mark all external emails with a warning.
- Exempt e-mails from Evonik (and other partners, if applicable) from the warning once they have passed the DMARC check (no warning or a different warning). This makes it immediately apparent to the employee that the e-mail has been checked and that the sender is genuine.
- Use up-to-date email security solutions.
- Check reputation and age of mail domains used.
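The warning and exception logic from the measures above can be sketched as follows. This is an added example, not Evonik's own code: it assumes your mail gateway writes an Authentication-Results header with the authserv-id mx.example.org (a placeholder) and strips any inbound header that carries that id. The banner names and the 0.8 similarity threshold are also assumptions.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.example.org"  # assumption: authserv-id of your own gateway
PARTNER = "evonik.com"               # sender domain named on this page

def from_domain(msg):
    """Domain part of the visible From address, lower-cased."""
    return parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()

def dmarc_result(msg):
    """(verdict, header.from) taken only from the trusted gateway's header."""
    for value in msg.get_all("Authentication-Results", []):
        authserv, _, results = value.partition(";")
        if authserv.strip().lower() != TRUSTED_AUTHSERV:
            continue  # written by someone else, possibly the sender: ignore
        verdict = re.search(r"\bdmarc=(\w+)", results)
        checked = re.search(r"\bheader\.from=([\w.-]+)", results)
        if verdict:
            return verdict.group(1).lower(), checked.group(1).lower() if checked else ""
    return "none", ""

def is_lookalike(domain):
    """Registrable label close to, but not equal to, the partner's label.
    Simplification: uses the second-to-last label, no public suffix list."""
    labels = domain.split(".")
    if len(labels) < 2 or domain == PARTNER or domain.endswith("." + PARTNER):
        return False
    real = PARTNER.split(".")[0]
    return labels[-2] != real and SequenceMatcher(None, labels[-2], real).ratio() >= 0.8

def banner(raw_message):
    """Return which banner the gateway should attach to the message."""
    msg = message_from_string(raw_message)
    domain = from_domain(msg)
    verdict, checked = dmarc_result(msg)
    if domain == PARTNER or domain.endswith("." + PARTNER):
        # Exempt from the generic warning only after a DMARC pass for this domain.
        return "verified-partner" if verdict == "pass" and checked == domain else "partner-unverified"
    return "lookalike-warning" if is_lookalike(domain) else "external-warning"

# Constructed sample message, not a real Evonik e-mail.
SAMPLE = (
    "Authentication-Results: mx.example.org; dmarc=pass header.from=newsletter.evonik.com\n"
    "From: Evonik <info@newsletter.evonik.com>\nSubject: News\n\nHello\n")

if __name__ == "__main__":
    print(banner(SAMPLE))
```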
Evonik also supports S/MIME and PGP for the exchange of e-mails requiring special protection. Please contact your Evonik contact if you would like to use this service (Keyword SEEM - Secure Evonik E-Mail).
Changes of bank data are never announced via e-mail only! Otherwise, the same applies here: If in doubt, always contact your internal IT department and/or report suspicious e-mails to your IT security team. If you have a contact person at Evonik, you can also contact them. However, under no circumstances should you use contact data from the suspicious e-mail for this purpose, but rather an already known telephone number; only in an emergency should you make contact via a new e-mail to a known @evonik.com address.
How to recognize links from Evonik:
Our main URL is www.evonik.com. However, when it comes to accessing complex addresses on the internet or the internal online environment, short URLs are a popular tool. For example, https://evonik.social/instagram leads to https://careers.evonik.com/en/about/evonik-social-media/instagram.
We use the following short URLs:
- evonik.click - standard for corporate short URLs
- evonik.media - for referencing media
- evonik.finance - exclusively for Evonik's financial communication
- evonik.social - exclusively for social networks.