Information Strategy and Technology Services

UniSA home

Directory

Email

myUniSA

Library

About UniSA

Study at UniSA

Research

Community

• ISTS
  • AskIT
  • Resources for students
    • Service status
    • Computer barns and pools
    • Getting help
    • Getting started
    • Getting Connected
    • Internet quota
    • Print quota
    • Using Email
    • Work At Home Software
    • Computer Purchasing Offers - restricted access
    • Feedback Form
  • Resources for staff
    • Service status
    • Getting Connected
    • Usage information
    • Computer Pools
    • Hardware purchasing
    • Software purchasing
    • Governance and Planning
    • Policies and procedures
    • Tenders
    • Using Email
    • Feedback Form
  • For ISTS Staff
  • For IT Support Staff
    • Technical Resources
    • IT Support Staff Workshops-Restricted Access
    • Service Delivery
    • Support Matrix-Restricted Access
    • HP Service Desk - Hints

Email Security

• SPAM Information
• Current virus alerts, updates, notifications and news
• Current year past alerts, notifications and news
• Changing your password
• Offensive Email Content
• General email security guidelines

---

SPAM Information

Spam is the term now generally used to refer to unsolicited electronic messages, usually transmitted to a large number of recipients. They usually, but not necessarily, have a commercial focus, promoting or selling products or services; and they share one or more of the following characteristics: They are sent in an untargeted and indiscriminate manner, often by automated means

• They include or promote illegal or offensive content
• Their purpose is fraudulent or otherwise deceptive
• They collect or use personal information in breach of the Privacy Act 1988 National Privacy Principles (NPPs )
• They are sent in a manner that disguises the originator
• They do not offer a valid and functional address to which recipients may send messages opting out of receiving further unsolicited messages.
• Not all bulk email is spam. Bulk email would probably not be generally regarded as spam if it:
• Is sent to recipients who have previously dealt voluntarily with the sender before and, on the basis of that existing relationship, can reasonably be assumed by the sender to be prepared to accept messages of the type being sent;
• Does not promote or include illegal content;
• Is not deceptive in any way that breaches common law or statute law;
• Does not collect or use personal information in breach of the National Privacy Principles.

SPAM Prevention

The University checks all incoming messages that have been sent from external sources for SPAM related content. The universally 'known' SPAM related messages are automatically quarantined by the products own knowledge base that is updated frequently. We are also able to add content to dictionaries to block new spam outbreaks which are reported to the IT Help Desk.

Who do I alert when I receive SPAM messages?

To forward any SPAM related messages please do the following using Outlook:

• In Outlook, start a new message
• In the 'TO' field enter the address, ithelpdesk_spam@unisa.edu.au
• Drag the SPAM related message(s) to the new message, and release.
NOTE, this action will 'attach' the SPAM messages to your "new" message
• enter a subject, and then press then SEND button

To forward any SPAM related messages please do the following using webmail:

• In Webmail, highlight the SPAM message in your 'Inbox'
• click the 'FORWARD' button
• In the 'TO' field enter the address, ithelpdesk_spam@unisa.edu.au
• click then SEND button

How did I get spammed?

Spammers use a variety of methods to conduct their activities and avoid detection. Email addresses may be harvested from Internet sources such as domain contact points, mailing lists and online postings, white and yellow pages web pages and Internet chat rooms and by using ‘dictionary attacks’ on user names.

This information is harvested using automated tools or search engines that analyse the content of these sources for email addresses and key words. This information is frequently traded between spammers. On occasion spammers use open relay mail servers and fake message headers to distribute email, disguise their identity and reduce traceability.

How do spammers get away with it?

Unfortunately, the Internet is not as secure as some would have you think. It is easy to create spam mail that is hard to trace; in fact several 'point and click' spamming programs exist to make the job as simple as sending regular mail. Approx 90% of spam has a fake origin and/or reply-to address, making it impossible to directly contact the spammer to tell them to stop the activity.

Some spammers play 'cat and mouse'. They join an ISP for a short time (a month or less), send a glut of spam, then move on when the account expires or they are closed down. They repeat this as often as is possible or necessary to keep their spam flowing. They can do this because the 'contact' details in their mail often refer to a legitimate web site that is not associated with the origin of the spam, or the contact detail is a non-web resource (Phone Number, Post Office box, etc).

By the time your complaint has been checked out by the ISP, the spammer is already long gone, which means you may not receive any more spam from that particular address, but you can be sure your name is still on that spammers list, just waiting to be re-used from the spammers next ISP.

Should I use the spammer's offered 'remove' function?

Some 'clever' spammers claim to offer a removal service. It is advised not to use this service. Normally, within the spam text is a message along the lines of "If you wish to remove yourself from our mailing list, simply reply to this message, and we will remove you from our lists...". By replying, you are in fact confirming to the spammer that your email address is a valid place for them to send their spam to. You may in fact INCREASE your spam by replying to this address!

Can I use my own email client to filter spam?

Yes, UniSA Outlook users can use the built-in Junk Email Filters.

1. On the Tools menu, click Options.
2. On the Preferences tab, under E-mail, click Junk E-mail.

3. Select the protection level that you want.

   • No protection Although this turns off the automatic Junk E-mail Filter, Microsoft Office Outlook 2003 will continue to evaluate messages by using domain names and e-mail addresses on your Blocked Senders List, and messages will continue to be moved to your Junk E-mail folder.
   • Low If you don't receive many junk e-mail messages and want to see all but the most obvious junk messages, you should select this option.
   • High If you receive a large volume of junk e-mail messages, you should select this option. However, you should periodically review the messages moved to your Junk E-mail folder, because some wanted messages may be moved there as well.
   • Safe Lists Only Any e-mail messages sent from someone not on your Safe Senders List or sent to a mailing list not on the Safe Recipients List will be treated as junk e-mail messages.
4. Select the Permanently delete suspected junk e-mail instead of moving it to the Junk E-mail folder check box.

Note When you permanently delete suspected junk e-mail messages, the messages are immediately deleted and not moved into the Deleted Items folder.

---

Offensive Content

If you are experiencing content in emails that is considered offensive, please forward the offending email to ITHelpdesk_Spam@unisa.edu.au

In some cases, filters can be applied to block offensive content. Note: blocking may only be effective for current messages from the same source.

---

General email security guidelines

Do not open unexpected email.

If you receive email from someone that you don't know, resist the urge to open it. It is more than likely SPAM and at worst something more malicious.

Do not reply to unexpected email.

Do not reply to unexpected email as it confirms that yours is an active email account that is worth sending more spam to.

The University, in common with most organisations, will never ask you to supply your account details by email. No matter how believable the message seems DO NOT respond to any email requesting personal information such as this.

What if you deal with unexpected email all of the time?

If your job requires you to open unexpected email then you have to ensure that your machine is fully patched and that you have up to date anti virus software installed. Your local IT-Support officer will be able to advise you on this.

The same warnings apply as set out below.

Do not click on URLs in email

If you receive an unsolicited email that has a URL in it, do not click on the link even if the email appears to come from a reputable organisation.

This will help to keep you safe from links that take you to somewhere other than the URL presented to you on the email or links that send you to a site that attempts to install malicious software onto you computer.

These ruses are often used in emails pretending to be from a bank or some other well know service provider which actually takes you to a replica of your bank or service provider's Internet site and presents you with a dummy logon page thus capturing your username and password.

The emails can also include bogus invoices or receipts for payment enticing you to click on the included link with the intention of taking you to a site that attempts to load virus or trojan software on to your computer.
 

Do not open attachments in any email

Unless you have explicitly asked the sender to include an attachment or you regularly receive attachments from this source (newsletters, work flow, etc.) you should never open an attachment in an email.
 

The University will NEVER ask for your username and password over the phone or via email

These are scams that try to obtain your username and password so that your account can be used for malicious purposes.

Even if you respond with false details or other comments you are confirming that your mail box is active and worth sending SPAM to and you also make it harder for us to detect who has sent their credentials to the reply address.

You should forward as an attachment any email that requests your username and password to ITHelpdesk_Spam@unisa.edu.au so that we can block similar messages from being received.

 

top^