CT Community Colleges - Information Security

Overview

Committees

ITPC

ISRAAC

ISPO Advisory Group

ISPO Working Groups

Report Incident

CCC Policies & Procedures

CT Community Colleges - Information Security - Bad Email

"Please, how do I stop all this spam!"

We've all received an unwanted e-mail or two (or many!) from time to time. No matter what we call it: spam, junk e-mail, unsolicited commercial email (UCE) or unsolicited bulk email (UBE) - it's all the same. Some are as innocent as asking us if we are in debt and need financial help while other e-mails offend us with their disturbing content.

What have you done in the past when you receive these? Did you just delete them or did you respond to them telling them that they better not send you any more of this and to take you off their mailing list? Did you know that doing this might actually get you MORE SPAM!!! You'd be VERY interested to read the DO's and DON'Ts of what you should and should NEVER do with unwanted e-mail, continue on to: How to deal with spam!

"I didn't send this person an email, why is it telling me that their email address doesn't exist?" or "I just got a virus notification email telling me I tried to infect someone. Am I really infected with a virus?"

Both of these cases are common side-effects of spam and viruses these days that you need to be aware of. Continue on to What is spoofed email? for more information.

"I just want to help out the little, lost boy by forwarding this email to all my friends..."

You've dealt with the obvious bad e-mail; mail sent from people you don't know for a product or service you don't want. What about e-mail you never thought of as "bad"? The ones that come from someone you know - your brother or a co-worker. I'm sure you've thought nothing bad about the e-mail you get about the little, lost boy who needs everyone to look at his picture to see if they've seen him? Oh, by the way, don't these e-mails always say in BIG BOLD LETTERS to forward it to all your friends?

These types of e-mails are grouped with the "scare-mail" type of e-mail that have subject lines like "WARNING: BE CAREFUL AT GAS PUMPS! PLEASE READ" They all are well-known Internet hoaxes, also known as Internet folklore and urban legends. Read more about it at: How to identify an E-mail hoax and what to do about it.

"This is great news! My bank's new security feature will help protect me. All I have to do is click on this link and enter my credit card number or social security number!"

Don't be fooled by this. Your bank did NOT send this email to you. These emails are "phishing" for the right person who will believe that this email actually came from their bank and they will click on the link in the email and provide these "phishers" with their credit card, social security number or account username and password.

This is the most harmful type of email, in that phishing scams, if they are successful, steal your money. Phishing scams use social engineering to steal your personal identity data and financial account credentials. They use 'spoofed' e-mails to lead consumers to fake websites designed to trick recipients into divulging personal information to them, so they can eventually steal your money by using your credit card number or username/password on the banks REAL site.

So before you click on that link inside an email, you should read up on common phishing tactics at: How to identify phishing emails and how to protect yourself.

"Why shouldn't I send all of my E-mail out using HTML formatting?"

We know that HTML formatted E-mails are very common these days. Everyone is sending them out with fancy backgrounds, colored text and embedded images. But the real question is, "What am I opening myself and my company up to when I do this?" and "Is it worth the security risk just to have a fancy background on my E-mail?" Read on to find out why you should be hurrying to change your E-mail formatting preference away from HTML!