Always view e-mail suspiciously!

E-mail security infrastructure  (On-campus and off-campus)

• Every day, the WOU anti-virus, anti-spam filter stops 200,000+ e-mails from being delivered  (true for both on-campus and off-campus viewing of e-mail)
• When the WOU intrusion protection system detects “Ransom-ware”, it sends a note to the border firewall and tells it to no longer allow the “Ransom-ware” intruder onto the campus network, thus protecting your computer.
  • The one case of “Ransom-ware” that was not stopped by the IPS this year, encrypted the users local computer and 70,000 files on his departmental drive.
  • We had snapshots of all the files on the departmental drive and were able to recover the encrypted files.
• When reading your e-mail outside of WOU, if you were to click on a bad link that connects you to “Ransom-ware”, you are no longer under the protection of the IPS.
  • A member of the local Monmouth community was asked to pay $1,000 to un-encrypt his files after being hit by “Ransom-ware”.
• Another common scheme is to ask you do perform some task, posing as someone you know and trust.

Recommendations:

• Don’t click on URLs before you know where they will lead.
  • Shortened URLs can be dangerous  http://goo.gl/fPKDds
    • unshorten.it can be used to expand a shortened URL, also providing the site’s trustworthiness
    • Best practice is to:
      • Hover over the link and verify the link is legitimate OR
      • Type the link in manually
      • Never click on the link, the URL that is displayed, may not be the underlying URL
  • Watch for slight differences in URLs  (ex:  www_wou.edu instead of wou.edu
• UCS will not ask you for your password or SSN in an e-mail
• When in doubt about the source of an e-mail, full headers will provide you further data in regards to the legitimacy of the e-mail  (partial headers)
  • To display full headers:
    • Google mail: open message, select the icon that provides you with the option to reply-all.  Select “Show original”
    • Thunderbird:  open message, select view, select headers, select all
    • Outlook:  open message, select tags. The Message Options dialog box is displayed. The internet headers are shown in the Internet headers field at the bottom of the dialog box.

Additional references:

• Homeland Security — Ransomware
• Homeland Security — Phishing