Spam, viruses and other unwelcome email content have become a serious problem for internet users and for the university. In response Information Services subscribed to a spam filtering service for staff email, provided by Symantec's MessageLabs. See below for more information on the spam filtering service.
Our spam filter cannot protect us from all threats, and we each have a responsibility to be vigilant and protect the university's reputation and data, as well as our own personal finances. Phishing scams have become one of our biggest risks.
Please read on to find out how to keep your data and reputation safe.
How to avoid being hooked by phishers
Phishers use IT systems to get money or confidential information from you. They do this by tricking you into downloading and installing malicious software on your computer, usually by asking you to click on links in mail messages, but they may also telephone you and ask you to visit a website. Once they have access to your computer, one of the first things they will do is send email messages to all your contacts (internal and external), passing on malicious software in your name. These scams are getting increasingly sophisticated and messages look very realistic, but there are a number of signs you can look out for as shown in the messages below:
The first message below appears to come from a member of university staff (details obscured). This is because they clicked on a link in a phishing message, giving the malicious software access to their email account and contact details:
The message looks like something university staff might expect to see, using words like 'IT Help Desk' or 'Service Desk'. However, resting your mouse over the link will show you that it is not taking you to a safe university site:
The second example looks very professional and even uses Barclays Bank graphics:
What to look out for:
- spelling mistakes and bad grammar. Many of these messages come from countries where English is not the first language
- links to insecure websites hiding behind fake addresses - before clicking on a link in an email, always rest your mouse (without clicking) over the link to check where it is really going to. Secure websites always start with https: - be very wary of any addresses that start with just http:. In the example above the real address is a bit.ly short-cut address. You cannot tell where it is actually going but you can see it is not a secure site.
- the message asks you to do something unusual, for example verify your details, or it tells you that your account has been compromised, or that it will be closed down unless you supply confidential information. The university and other organisations will never ask you to supply details such as usernames, passwords, or bank details, in this way. Never tell anyone your password and never enter your university password into any webpage that does not begin with https:, no matter how convincing the request is!
If you are worried that one of your accounts has been compromised, the best way to check is to try logging on in the usual way. Go directly to the web page you usually use, do NOT follow a link in an email message.
Now try this Phishing quiz from Google - you'll be asked to spot which are genuine messages and which are Phishing messages.
For more tips on how to spot malicious 'phishing' messages see advice on email and text message scams from Barclays at this site: http://www.barclays.co.uk/Helpsupport/FinancialScams/P1242561788639
Note that this address does not begin with https:, but it is a publicly available site and does not ask you to log in or supply any information about yourself.
How does the spam filtering service work?
All mail coming in to the university from the internet first passes through our spam filtering service. Any messages suspected of being spam are returned to the sender. These messages are not deleted but are kept in a quarantine folder on the MessageLabs service. If you think that a message you are expecting may have been wrongly identified as spam, contact our Service Desk and ask them to retrieve the message for you.
Messages received from and sent to external email addresses have the following text at the bottom to show they have been checked:
This email has been scanned by the MessageLabs Email Security System on behalf of the University of Brighton [or BSMS].
See information on the right to find out what you should do if you suspect a spam/phishing message has slipped through into your university email account.
Further advice on keeping your data and the university's data safe:
Only messages coming into or going out of the university are checked by the spam filters. Messages sent internally are not checked. Computer viruses and other malicious software can attach themselves to email clients and send harmful messages appearing to be from the computer's owner. To keep your email account and the university's systems safe:
- think carefully before downloading software, opening email attachments, or clicking on a link
- never give out passwords
- do not access your university email from a computer that does not have up to date antivirus software installed
- do not assume that just because you know the sender, the message is safe
- if a message is unexpected, carefully check links to web pages before opening them - let your mouse rest over the link until the real address appears on your screen
- do the links to web pages begin with https:// or http:// ? Secure websites always start with https://
- is the web address completely different to what you would expect?
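The link checks above (and under "What to look out for") can also be applied automatically to the HTML body of a message. The following is an added example, not part of the original page or of the university's or MessageLabs' systems; the domain university.example, the shortener list and the sample message are assumptions constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumptions and constructed sample input for this example (not from the page):
TRUSTED_DOMAIN = "university.example"  # placeholder for the real staff domain
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}  # sample list, not exhaustive
SAMPLE = ('<a href="http://bit.ly/xxxx">https://staff.university.example/helpdesk</a>'
          '<a href="https://staff.university.example/password">Change password</a>')

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    return (urlparse(url).hostname or "").lower()

def check_links(html_body):
    """Return [(href, [warnings])] for each link in an HTML message body."""
    parser = LinkCollector()
    parser.feed(html_body)
    report = []
    for href, text in parser.links:
        host, warnings = host_of(href), []
        if urlparse(href).scheme != "https":
            warnings.append("not https")
        if host in SHORTENERS:
            warnings.append("shortened address hides the destination")
        if host != TRUSTED_DOMAIN and not host.endswith("." + TRUSTED_DOMAIN):
            warnings.append("not a university address")
        # Visible text that is itself an address, but a different one
        if "." in text and " " not in text:
            shown = host_of(text if "://" in text else "//" + text)
            if shown != host:
                warnings.append("displayed address differs from the real one")
        report.append((href, warnings))
    return report
```

Calling check_links(SAMPLE) flags the first link on all four checks and returns no warnings for the second.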
Not all spam is malicious
You may be receiving marketing messages from companies you have contacted in the past. If you don't want to receive these messages you can ask to be removed from the company's mailing list. Look towards the end of the message and you will normally find a link to unsubscribe. This takes just a few seconds and will help to reduce your inbox clutter.