Lab 12 Computer Security Basics

Part C: Email Security

Here we will discuss three common e-mail concerns: viruses, "phishing" attacks, and junk mail.

Viruses and phishing

Much of the time, viruses can spread through emails that look like they come from trusted sources. The email may contain enticing messages to download its attachments or click on a link, which eventually ends up infecting your system with a virus. Other times hoaxes can be sent out through trustworthy-looking emails that try and get information about you such as your credit card number. This process of obtaining your information through deception is called "phishing". Spotting these emails is very hard for software to do, and so it's up to you and your skepticism to figure out the good from the bad. Generally, the things to look for in an email message are the same things you should look for when looking at web sites. Here are a few of the ways that you can figure out whether an email is legitimate:

Look at the return address. Is it really from who it says it is? Or is it from another domain?
Look at the spelling. Are words spelled correctly? Is there proper punctuation?
Look at what the email asks you to do. If the email asks you for any personal information such as a Social Security Number, it is more than likely not legitimate, as reputable sites do not generally ask for such information over email.
Look at the links in the page. This is probably the most important step you can take, as oftentimes links in emails that try to get your personal information don't go where they say they go. Hover your mouse over the links before you click on them to make sure that they really go where they say.

One final thing to remember is to NEVER OPEN EMAIL ATTACHMENTS from people that you do not know. And even if you know the person, it is a good idea to scan the email attachment with an up-to-date virus scanner just to make sure, since a lot of viruses can disguise themselves as being from someone you know.

Junk mail filtering

Junk e-mail or "spam" is a problem that affects anyone who uses e-mail. It's also a problem that is unlikely to go away soon. Since e-mail is essentially free to use, it's profitable to send e-mail advertisements even if only a few people respond.

There are multiple ways of handling junk e-mail. Many e-mail clients have built in spam filtering. If you use your UW mail, you can turn on the university's server-side spam filter.

Visit the UW Email Delivery Manager in your browser.
Click on the "Junk Email Filter" tab.
Choose the e-mail filtering settings that you would like to use. Note that you can adjust the tolerance of the dilter. A "high risk" filter will filter out the most spam, but may inadvertently filter out legitimate e-mail.

Answer questions 4-7 in the Lab 12 Catalyst quiz online.