Email Spam & Phishing

Posted May 20th, 2016 at 9:54 am.

Spam email is unsolicited email sent to your email address. Here are some tips and tricks on how to avoid spam, as well as how to block it, and what to do if important emails are being marked as spam.

What is spam?

Spam is unsolicited email. Much like junk mail from the post office, these messages can simply be deleted or ignored. We have configured Office 365’s Online Protection features to identify and prevent spam messages, though no anti-spam solution is perfect.  You can also use Office 365 features to minimize the unwanted messages in your mail, see below.

What are the different types of spam message?

Some spam messages want you to purchase things or support a cause. These are mostly harmless, and can be blocked and deleted.

More dangerous variants may also contain a file attachment, usually containing malicious software (malware, viruses) to infect your machine. A virus can steal information without your knowledge, as well as use your machine in future attacks on other machines. A phishing email (see below) is one that attempts to “fish out” information, including usernames and passwords, Social Security numbers, bank account information, etc. Once the phisher has this information, they use the compromised account to, in turn, send out thousands of similar messages to other unsuspecting recipients.

How do I block spam?

We have instructions for using Office 365’s spam filtering located here.

Some messages are still getting through. What should I do?

Do not respond to the emails. Continue to mark items as Junk or Clutter.  Report particularly sophisticated messages to the Help Desk.  If you are unsure whether or not a message is spam, please call the Help Desk (x7440) or forward the message with an inquiry to help@brynmawr.edu. Finally, be aware of which sites are asking for your college email address. Check if their privacy policies will protect your information or if they send that information to third parties.

Phishing

Internet or email phishing is a common online threat. To help protect yourself, it’s important to be aware of common phishing scams to prevent becoming a victim.

What is email phishing?

Email phishing consists of emails sent with the purpose of gaining personal information from the email recipient, such as passwords or Social Security numbers. These messages are disguised as being from known companies or users, but are not from a legitimate source.

What are some common phishing attempts?

Phishers will often send messages to users saying their email account will expire or be closed unless the user replies with their username and password. The phisher then uses the account information contained within it. Please remember that Bryn Mawr College will never ask for your password under any circumstance, nor should there be any reason to share it. If you suspect someone may have access to your password or account, change your password immediately.

How can I recognize a legitimate email?

Bryn Mawr College will never ask you to give or send us your password, especially via email. Other major account providers (Yahoo!, Gmail, MSN, Comcast, etc.) follow the same practices. Messages from Bryn Mawr Library & Information Technology Services, especially regarding computing issues, will always be signed with one or more person’s name and title. If you receive a message where the name is not familiar, or the message does not conform to this standard, feel free to verify with the Help Desk or check the LITS Blog for verification. Please remember as well that many businesses or groups (especially govenrment entities such as the IRS) do not communicate via email.  Others, like UPS or FedEX, will not send you a generic message with too little specific information, and do not use attachments.

I may have given my information to a phisher. What should I do?

Immediately change your password and call the Help Desk or make an appointment as soon as possible. The Help Desk can then walk you through getting your account preferences set back to their original state.

If you have any questions or concerns, please contact the Help Desk at x7440 or help@brynmawr.edu.

Please visit https://www.stopthinkconnect.org/ for additional information and tips and advice for good online safety habits.

Filed under: Email,Information Security by Megan Clark

Comments are closed.