Phishing and other e-mail traps

Always view e-mail suspiciously!

 

E-mail security infrastructure  (On-campus and off-campus)

  • Every day, the WOU anti-virus, anti-spam filter stops 200,000+ e-mails from being delivered  (true for both on-campus and off-campus viewing of e-mail)
  • When the WOU intrusion protection system detects “Ransom-ware”, it sends a note to the border firewall and tells it to no longer allow the “Ransom-ware” intruder onto the campus network, thus protecting your computer.
    • The one case of “Ransom-ware” that was not stopped by the IPS this year, encrypted the users local computer and 70,000 files on his departmental drive.
    • We had snapshots of all the files on the departmental drive and were able to recover the encrypted files.
  • When reading your e-mail outside of WOU, if you were to click on a bad link that connects you to “Ransom-ware”, you are no longer under the protection of the IPS.
    • A member of the local Monmouth community was asked to pay $1,000 to un-encrypt his files after being hit by “Ransom-ware”.
  • Another common scheme is to ask you do perform some task, posing as someone you know and trust.

Recommendations:

  • Don’t click on URLs before you know where they will lead.
    • Shortened URLs can be dangerous  http://goo.gl/fPKDds
      • unshorten.it can be used to expand a shortened URL, also providing the site’s trustworthiness
      • Best practice is to:
        • Hover over the link and verify the link is legitimate OR
        • Type the link in manually
        • Never click on the link, the URL that is displayed, may not be the underlying URL
    • Watch for slight differences in URLs  (ex:  www_wou.edu instead of www.wou.edu
  • UCS will not ask you for your password or SSN in an e-mail
  • When in doubt about the source of an e-mail, full headers will provide you further data in regards to the legitimacy of the e-mail  (partial headers)
    • To display full headers:
      • Google mail: open message, select the icon that provides you with the option to reply-all.  Select “Show original”
      • Thunderbird:  open message, select view, select headers, select all
      • Outlook:  open message, select tags. The Message Options dialog box is displayed. The internet headers are shown in the Internet headers field at the bottom of the dialog box.

Additional references:

Comments are closed.