Email Spam

May 03, 2014

Email spam is defined as unsolicited mass email. Some spam is simply a nuisance, while other can contain offensive content, viruses, or links to phishing (fraudulent) websites.

To protect your computer from spam, you should always take precautions including:

  • Only open email from familiar contacts
  • Filter out unwanted spam messages by adjusting your email settings

While your College email account has heightened anti-spam protection, your personal email accounts may not be as well protected. Regardless, no email account is immune to forms of spam, so all users should be aware and cautious.

Phishing

If you receive an unsolicited email (or pop-up window) asking you to share your passwords, credit card, social insurance or bank account information, then this is most likely phishing. Delete the email, or close the window, and refrain from clicking any links on the email or page.

Phishing emails are fraudulent, unsolicited emails that try to steal your identity through a number of ways, including:

  • Appearing to be from a legitimate business or organization;
  • Urgent in manner, demanding immediate action, or else….
  • Linking to a seemingly-legitimate website, where you are prompted to enter personal or financial information, or even asking you to reply to the email with personal information.
  • Asking for your Vanier email password, posing as an IT Administrator. ITSS will never request your password.

Phishing is fraudulent and you should be very careful when you are asked to provide unsolicited financial or personal information by email. Legitimate businesses and organizations never request personal information by email unless you initiated the contact. If in doubt, contact them directly through contact information on their official website – never use the link they “conveniently” provided to you in the email.

Ways to Recognize Phishing

  1. Addressed as “Dear Customer” or a similar generic, unspecific greeting. Most legitimate organizations either personalize their email addressing, or are intentionally informal.
  2. Forged or Spoofed email address. It may appear to be from your bank or social network, but look carefully, and when in doubt, compare it with past legitimate emails from them. They might even appear to be from someone you think you know. The email might look like it comes from a friend, from a colleague or Helpdesk, or someone who might send an email message to everyone, such as the head of human resources or ITSS.
  3. Account status threat, for example, a warning that your account will be locked or terminated unless you reply.
  4. Misspellings or poor grammar. While this seems like it might be an unlikely occurrence, the fact is that many phishing attempts are filled with spelling or grammatical errors, many being startlingly obvious. Real organizations ensure that their material is correct, whereas many phishers do not have professional grasps of the English or French languages.
  5. Requests for personal information via either replying to the email or a provided link. Personal information can include: Login and password information; Credit card and financial information; and Social insurance information.

Examples of Common Phishing Attempts:

  • A bank notifying you that your account has been locked for security reasons and you are required to verify your information by clicking a link.
  • An e-commerce site, such as Amazon or eBay claiming that your information is out of date and requests that you update your information. When in doubt, go to their website address in your browser and login there.
  • A delivery failure notification with a provided “track your package” link even when you are not expecting a package.
  • A “wealthy individual” asking you to reply with your bank account information in order to participate in a financial transaction for which he/she promises you a share of his wealth.
  • Email from a friend who is stranded in a foreign country and needs to have money wired after they’ve had their wallet and passport stolen. These emails can frequently come the email accounts of real friends of yours, due to their accounts being compromised.

Do not respond to emails that exhibit these characteristics. Delete the email. When in doubt about an email purporting to come from within Vanier College, contact the sender by their internal phone extension or their email listed in the Staff Directory.