Division of Information Technology Services

Beware of Phishing Attacks

By: Keiran Paquette

June 30, 2016

Western University is a large target for Phishing attacks. Many such phishing messages will be caught by Western's anti-spam tools, but some may arrive at your inbox.  The spam filters have not been changed, and continue to work as they did with the Convergence platform. Through Office 365, Western email addresses are provided additional protection with the Exchange Online Protection (EOP) service.

Any Official email communication from ITS will never ask for your password or other personal information. If you receive an email claiming to be from ITS that is not posted on this site please forward a copy of the message with full headers (http://www.uwo.ca/its/email/spam_phishing/forwarding_emails_with_full_headers.html) to phishing@uwo.ca.

Other kinds of phishing attacks occur regularly - for example, fraudulent banking notifications, or offers of free goods or services. Many such phishing messages will be caught by Western's anti-spam tools, but some may arrive at your inbox. For more information about phishing in general, and how you can protect yourself against such attacks, please visit About Phishing on the ITS website.

Your safety on the internet is of the utmost importance. Please take some time to review the information we posted on the Internet Safety site: https://cybersmart.uwo.ca/Help%20and%20Guidance/Safety%20over%20the%20Internet.html.

Whenever you receive an email, make sure you review the Five Ways to Recognize a Phishing Email before responding to that message: https://cybersmart.uwo.ca/secureemail/phishing/five_ways_to_recognize_phishing.html.

Please report any phishing emails that you do receive: https://cybersmart.uwo.ca/secureemail/phishing/report_a_phishing_attempt.html.

Unfortunately, more and more unwanted messages are clogging mail servers and wasting valuable time. The easiest and best way to deal with spam is also the one which wastes the least resources and your time, simply delete it. The reality is most messages that are spam come from outside sources, there isn't very much that we can do to control them because;

What you should never do is reply to the email, this just confirms you are a valid email address and can be added to other spam lists.

However, you can assist us in identifying new characteristics and techniques implemented by spammers by using the Anti-Spam training links for Spamtrap. It should be noted that this will 'over time' adjust system filter to reduce the levels of undetected spam.

  1. From your email client
  2. View the full email headers of the messages which you would like to report as spam.
  3. Search for "X-CanItPRO-Stream: username"
  4. Make sure the message went through your stream by ensuring the username is equal to yourself. If it didn't then you will not have the necessary permission to move forward with this procedure. You may want to consider forwarding the message to the username listed.
  5. Search for "X-Antispam-Training-Spam:"
  6. Copy the link.
  7. Login to https://spamtrap.uwo.ca, note this requires UWO authentication
  8. Paste the url from above into the address bar of the browser
  9. Select Spam.
  10. Select Logout

 iOS (iPhone & iPad) does not include the function to check the quota with the “Mail” app.  You can view usage of the mailbox quota (50GB), through myoffice.uwo.ca or the Outlook app on Windows/Mac.

In Office 365 (myoffice.uwo.ca)

  1. Go to “Mail” the Inbox, click the Gear icon
  2. 2.       Click “Options”
  3. Click “Other”
  4. Click "go to an earlier version" in the middle of the page.  Your quota is listed under Account.

In Outlook 2013

  1. Click “File”
  2. Click “Info
  3. Your approximate quota usage is under the Mailbox Cleanup heading.


Published on  and maintained in Cascade CMS.