The Do’s and Don’ts of Email

The July issue of OUCH!, led by Guest Editor Dr. Eric Cole, discusses how we can be our own worst enemy when using email, including accidentally emailing the wrong people, not understanding the difference between “cc” and “bcc” and the dreaded “reply all.”

Download the July issue of OUCH! (pdf) and feel free to share with colleagues.

Also, what should you do about all that spam? Here’s a video created by IS&T with some tips on how to keep unwanted emails at bay.

Increases Seen in Phishing Attacks

“Dear Webmail Subscriber,” “Confirm Your Web Mail,” and “Upgrade Your Account!” These subject lines were in recently received email messages attempting to get me to click on a bogus link or respond with my username and password. Had I done so, an attacker would have easy access to my email account.

Email is one of the most frequently used venues for cyber attacks. It is fertile ground for cyber criminals and a vulnerability for most organizations because of unwitting end users.

At MIT, we see a lot of unwanted email in our inbox. Even with filtering and blacklisting tools on our email system, some of these dangerous messages still come through. Generally, the fraudulent message appears as if it is from email administrators of MIT and, like the examples mentioned above, tries to get you to click on a dangerous link or asks you to supply the login credentials to your web mail account.

The IS&T Help Desk has seen an increase in incidents related to users falling for these types of phishing scams. As a result, MIT email accounts become compromised and then large amounts of spam are sent from those compromised accounts by the criminals.

If an MIT account becomes compromised, the first recommendation we give is to change and strengthen the Kerberos password that protects the account.

Learn more in the Knowledge Base: What to do if your email account is compromised.

How To Verify the Source of an Email

If you are ever in doubt whether an email you received originated from the place it claims to be from, try this: verify the information by reading the full headers of an email.

Email headers (also called “full headers”) are the details that show the path the message took to reach your inbox. Details such as dates, times, mail servers it passed through and even the originating email address are included.

I am sure you have seen questionable emails that claim to come from the MIT Email Team or a System Administration team in IS&T. You have also likely received many emails that claim to come from a business, such as Fed Ex or a bank. Sometimes they can really fool you; even the “from” address makes it look like these emails are legitimate.

But wait! Before clicking on any links within these emails or replying to the sender, check the header. This article shows you how easy it is to find out who the real sender of an email is by reading the information contained within the header.
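As an added illustration (not part of the original article), this Python example reads the full headers of a message, lists the mail servers it passed through in order, and compares the “from” address with the Return-Path, Reply-To and first relay. The sample message, its hosts and its addresses are constructed for the example.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: a message that claims to come from a university mail team.
# All hosts and addresses are made up (reserved example domains and IP ranges).
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Received: from mx.university.example (mx.university.example [192.0.2.10])
\tby inbox.university.example; Mon, 2 Jul 2012 09:15:04 -0400
Received: from mailer.example.net (unknown [203.0.113.45])
\tby mx.university.example; Mon, 2 Jul 2012 09:15:02 -0400
From: "Webmail Team" <helpdesk@university.example>
Reply-To: upgrade@freemail.example.org
Subject: Upgrade Your Account!

Confirm your web mail by replying with your username and password.
"""

def domain(header_value):
    """Return the lower-cased domain of the address in a header value, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()

def received_path(msg):
    """List (from_host, by_host) hops, oldest first; each server prepends its own."""
    hops = []
    for value in reversed(msg.get_all("Received", [])):
        flat = " ".join(value.split())  # undo header line folding
        m = re.search(r"from (\S+).*?\bby (\S+?);", flat)
        if m:
            hops.append((m.group(1).lower(), m.group(2).lower()))
    return hops

def check_source(raw):
    """Return the relay path and a list of mismatches worth a closer look."""
    msg = message_from_string(raw)
    claimed = domain(msg["From"])
    findings = []
    for name in ("Return-Path", "Reply-To"):
        d = domain(msg[name])
        if d and d != claimed:
            findings.append(f"{name} domain {d} differs from From domain {claimed}")
    hops = received_path(msg)
    if hops and hops[0][0] != claimed and not hops[0][0].endswith("." + claimed):
        findings.append(f"first relay {hops[0][0]} is not under {claimed}")
    return hops, findings
```

A mismatch is a reason to look closer rather than proof of fraud, since legitimate bulk mailers often use a different Return-Path. Received lines added before the message reached your own mail servers are written by the sender's side and can be forged.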

Emails Disguised as Coupons or Deals on the Rise

Be sure to double check that Groupon (www.groupon.com) you received in your email. Spammers are using the popularity of emailed advertisements for group discount deals to send malware.

Malware spread through fake email advertisements and notifications is on the rise, according to a study released by security firm Kaspersky Lab.

“They are primarily doing so by sending out malicious emails designed to look like official notifications,” according to the report. Kaspersky Lab is seeing more and more of this malicious spam. Other types of popular emails disguised as notifications from official sources include letters from hosting services, banking systems, social networks, online stores, and hotel confirmations.

Read the full story in the news.

A New Phishing Attack Seen at Universities

According to the Chief Information Security Office at Brown University, a new phishing attack is being seen by the university and other schools. An email that looks like it comes from the school asks the recipient to join the school’s “Collaborative Network.” The link in the email takes you to a signup page where you are asked to choose a “WebID” and then provide an email address among other information, including a password.

See the phishing alert by Brown to their users, warning them to not reply to the email.

Learn more about phishing here.

Spam Getting Through? Report It.

The email coming through MIT’s email servers also runs through the Symantec Brightmail Gateway. This service ensures that most spam is caught before it reaches our in-boxes. End users at MIT can log into the Gateway to set up good and bad senders lists. It also allows users to release spam that is inadvertently caught by the Spam Quarantine. Learn more.

Unfortunately, no spam filters are 100% fail-safe. Unwanted email may still get through and land in our in-boxes. I’m referring to unsolicited email that should not have made it through the filters in the first place. IS&T does not have fine-tuning control over the spam measuring features built into the Gateway itself; that is controlled by the vendor, Symantec. However, the vendor does provide users with a way to submit feedback so that the metrics used to tag emails as spam can be tweaked. If you are computer savvy, this knowledge base article posted by Symantec explains how you can manually submit spam and false positives to the Symantec Security Response Center.

NOTE: The spam feedback service is provided by Symantec to its customers; it is not a service that IS&T offers to MIT. Users must contact Symantec directly for support.

OUCH! Newsletter, March 2012: Email Dos and Don’ts

This month’s issue of OUCH! from SANS.org explains the Dos and Don’ts of using email. Specifically, it covers how people can be their own worst enemy when it comes to copying the wrong recipient with auto-complete, sending an email when emotionally charged or not understanding the privacy limitations of email. The newsletter explains in simple terms how some of email’s most common features work and how to avoid shooting yourself in the foot.

Read or download the newsletter in PDF format here.