Body
Key Points:
-
Our current email filtering system drops >95% of suspicious traffic, which means that for every legitimate message you get in your inbox, we filter 9 suspicious messages.
-
Suspicious messages can be classified as either spam or phishing.
-
Spam messages are generally -- but not always -- harmless. They are unsolicited messages that are sent to multiple people at the same time that can be perceived as being irrelevant or annoying. Spam can contain links that can install malware (e.g., a computer virus) or be used to capture confidential information like passwords.
-
Phishing messages are more malevolent as they will attempt to trick you into clicking on something to reveal confidential information by using urgent or even threatening language.
-
Using your work e-mail address to register on any website may create spam. Create another free e-mail address through Gmail, Yahoo, Hotmail, etc. for this purpose.
-
Report the suspicious message, then delete -- never reply or unsubscribe to spam messages because this will only confirm to spammers that your e-mail address exists causing you to receive more spam (spammers randomly generate addresses and wait for a reply). To see how to report the message in Outlook, click here to view Knowledge Base article 146335. Remember to report and delete!
-
If you receive a suspicious message, only report it once to the Reynolds network security team.
Below are some of the most frequently asked questions that the Help Desk gets concerning messages that are potentially suspicious.
Question #1: I do not recognize the sender or subject in this e-mail. What should I do?
Answer: Ignore and delete -- never reply or unsubscribe to it because this will only confirm to spammers that your e-mail address exists, causing you to receive more spam messages (spammers randomly generate addresses and wait a for reply). If you think the message is suspicious rather than just simply annoying, report it (instead of ignoring it), then delete it.
Question #2: How do I tell if an email is legitimate or suspicious?
Answer: There are certain signs that you can spot to determine if an email is potentially suspicious.
- The sender's name doesn't seem to match their email address. For example: An email looks to come from John Doe but the email address is listed as jdough@company.com.
- The sender's email address is something that the person hasn't used before to contact you. For example: John Doe usually emails you from JDoe@company.com but the email is sent from jdrocks@xyz.com.
- The email is sent at a time of day that doesn't match up with when you usually receive other emails. For example: You receive an email that is sent to you at 4:00 a.m. but notice that you usually receive emails during normal business hours.
- The language of the email doesn't have the same tone as previous emails you've received from the sender. For example: You've noticed that previous emails from John Doe generally seem friendly or neutral, but then a new email from the person seems threatening.
- There are numerous grammatical and/or spelling errors in the email. For example: The word "college" is spelled as "colege" or the word "manager" is spelled as "manger."
- The email is asking (or warning) the user to do something within a specific time frame or face some type of consequence. For example: The email may warn the user the to click on a link to verify their account credentials within 48 hours of receipt or their account will be locked.
- The email contains a file attachment that is unrecognizable or doesn't coincide with the name of the file. For example: The email may contain a file that is named "Music" that is suggestive of an audio file but may appear to be a text file.
- Certain files are automatically blocked from being sent through our email system to include these file extensions: .bat (batch files), .exe (executable files), and .vbs (Visual Basic scripts). However, they could be placed within zipped or compressed files to bypass our blocking mechanism.
Question #3: Should I enter my e-mail address on a website that requires it?
Answer: Never use your work (or any personal) e-mail address to register on any website. Create another free e-mail address through Google, Yahoo, Hotmail, etc. for this purpose.
Question #4: I keep getting e-mails from a particular address and I want it to stop. What should I do?
Answer: Verify that the e-mails are from the same address. You can report only one (1) copy of the message to the Reynolds network security team so it can be reviewed. Then, delete the message -- never reply or unsubscribe to the message because this may confirm to the spammer that your e-mail address is legitimate and cause you to receive more messages from them (spammers can try to randomly generate addresses and wait for a reply).
Question #5: Can I create a fake e-mail, such as adding an additional number or letter to my e-mail address?
Answer: Sometimes this will work. However, some spammers use technology to recognize if the e-mail address is legitimate.