Email Safety Tips

Tags ISU-emails
Environment
  • Platform
    • Google Mail
  • Audience Affected
    • Everyone
Resolution

We have noticed an increase in the overall ability on campus to detect and avoid malicious email communications. Thank you for your efforts to help keep ISU's information safe and secure.

Unfortunately, even though we are getting better at ignoring malicious communications, the scammers and crooks have not given up. They are creating ever more sophisticated ways to try to trick us as was evidenced by the recent nationwide Google Docs scam. Almost 200 individuals with ISU email accounts got caught by this particular, "social engineering," attack. 

Often we are asked how one can know if anything included in an email is safe to click on or download. In the past, we have tried to provide training on how to detect potential malware. Now, however, our advice is that if an email contains a link, don't automatically click it, even if it appears to be coming from someone you know. There are things you can do to help reduce the risk of clicking on a malicious link. For example, if you are being asked to click on a link to go to PayPal, go to PayPal yourself by typing in PayPal's URL directly. If someone wants you to read an article to which they send you link, do a search for subject keywords related to the document being discussed. If someone says they are sharing a BOX -or similar- document, call the sender (don't use reply-to, you may not be replying to who you think you are) and ask them if they sent the message, or better yet, ask them to resend the original message. You can be confident that the resent message (if received in a timely manner) is legitimate.

Speaking of calling the sender, this is one of the best ways to verify the legitimacy of a message that has an attachment with instructions to download and execute. Even Microsoft Office files and PDF files can have embedded executable code that can run, and potentially infect your computer, when the document is opened. Call the sender and ask them to verify that they did send the attachment before downloading it.

If at anytime you feel suspicious about the legitimacy of an email, whether or not it has links, attachments or is just asking you to do something that seems, "sneaky," you can always call the ITS Customer Service desk at x4357. They can put you in touch with a security specialist who can help you determine if your message is safe.

Information Security Manager

Information Technology Services, Idaho State University


For additional assistance, please contact Information Technology Services - Client Experience & Solutions Group (208) 282-4357 or through  chat

Details

Article ID: 55603
Created
Tue 6/12/18 10:05 AM
Modified
Fri 9/24/21 1:00 PM