Email – A commodity not without risks
June 2008 | By Damon Armour, IT Security Officer
Each day we sift through our collections of newsletters, personal messages, and work-related topics on our email. But lurking along with the messages we want to read is the growing presence of spam, phishing, and targeted delivery denial emails. Identifying what is legitimate is an ongoing and increasingly complex battle. Becoming aware of risky communications, however, can help the university and all of us as individuals to keep our email a safe place to communicate.
Many of you may have heard of the famous Nigerian bank phishing emails. It goes like this: an individual needs to move some money and merely requires your banking information in order to accomplish this—with, of course, your reward coming at a later date. This is a form of phishing. The most recent attempt at acquiring your personal information is through fraudulent IRS tax and IRS economic stimulus emails. These emails are convincing because they appear to have come from the IRS. However, be wary. No government agency or reputable business will ever ask you for any personal information (credit card numbers, social security number, banking accounts, passwords, etc.) through email. If you receive one of these types of emails, you should contact the firm or government agency by telephone or through their email abuse sites that can be found on most company websites. The IRS has a very informative site with examples and instructions on how to deal with phishing emails. http://www.irs.gov/privacy/article/0,,id=179820,00.html .
Recently, our campus has received a large volume of emails addressed to individuals stating their message delivery failed. But upon further investigation, the email resembles common spam message advertisements that were not sent by the campus individual. The popular term to describe this event is backscatter. When you receive these types of emails, notify the ITS Help Desk. Delete the emails, and the number of these emails will trickle off after a few days. ITS is currently looking into methods to better protect our campus from these email abuses and is working with our vendors to find a solution. More details on backscatter can be found at Spam Resource: http://www.spamresource.com/2007/02/backscatter-what-is-it-how-do-i-stop-it.html .
Email has proven to be an invaluable method of communicating, both for work and personal use. But, unfortunately, email has enabled a very simple, far-reaching method for people to exploit one another. Each of us needs to think before we act on a suspicious-looking email. We would not give our private information to strangers on the telephone without validation; the same should be true for emails.
For more information on protecting yourself when using email, contact Damon Armour in ITS, firstname.lastname@example.org.