Email and Spam
Consider informing the sender that you do not want to receive any further communications by replying:
Option 1 - reply
"I do not wish to receive any further communications from you of any sort."
Option 2 - reply with a CC to authorities (firstname.lastname@example.org, email@example.com, firstname.lastname@example.org)
“I do not wish to receive any further communications from you of any sort. A copy of this Email is being forwarded to the Campus Community Police Service, University Network Security Office, and Equity & Human Rights Services. Further communication of any sort will result in immediate notification to University Authorities and the Police."
Sending the above Email to Campus Police, Equity & Human Rights Services and the Network Security Office is for their information and tracking purposes only. You will need to contact the appropriate department directly to assist you with various options, including further action if this is required.
Retain a copy of all Email messages. These will be required if any further action is taken later.
Step 2 - If the sender persists
Contact Equity & Human Rights Services and/or Campus Police for advice or further action. The Network Security Office will be engaged directly by Campus Police as needed.
If you want to know more information about Western's policies check MAPP 1.13 - Code of Behaviour for Use of Computing Resources and Corporate Data and MAPP 1.45 - Email Policy.
Whether you use a stand-alone email client such as Thunderbird, SeaMonkey Mail, or Microsoft Mail, or you access your emails through a web site such as Gmail or Yahoo, you need to be aware that there are security and privacy risks to which you're exposing yourself.
- Do not load images in email
- unless you are sure it arrived from a trusted sender. A spammer will embed images and web bugs in email so the remote server where these images reside is contacted immediately upon opening and viewing the message, instantly verifying your existence and receipt of the message. Although most email clients will prompt you by default before loading remote content, be sure to check your settings.
- Disable HTML for email
- if you want to view the safest of all email messages. This will strip all HTML formatting and will prevent the loading of remote images (as described above) plus prevent cleverly-coded email worms that are designed to execute just by viewing HTML-formatted email. It will also help prevent phishing by revealing the text of actual links instead of hiding them behind alternate text or images. Check your settings for an option to view message bodies as "Plain Text".
- Disable cookies in email
- Most email clients have this disabled by default.
- Never allow your email client to "View Attachment Inline"
- ... unless you are sure it arrived from a trusted sender.
- Never allow your email client to execute plug-ins
- ... unless you are sure it arrived from a trusted sender.
- Never open email attachments from strangers
- Period. Do not open suspicious emails or email for which you do not recognize the sender. Delete email messages with attachments without opening them if received from an unfamiliar source. Even emails arriving with attachments from familiar sources may have been sent from infected systems, so you should confirm with the sender that the attachment was intentionally sent, before you open it.
- Use encryption software
- for sending your most private email messages. If you don't, keep in mind that what you are sending is the equivalent of a postcard. Also remember that encryption is for the message body only -- it does not hide the subject line nor does it hide the message headers.
- Never, ever use email to send confidential information such as credit card numbers, bank account numbers, or your Social Security number
- Even if you use encryption and the correspondence is for legitimate business, you cannot be certain that the recipient will protect this information once it is delivered and decrypted. It will only be as secure as the recipient's system permits. What does phishing look like? For examples of phishing emails seen at Western, visit our Spam and Phishing page.
- Never respond to emails asking for confidential information
- Any email you receive requesting your credit card numbers, bank account numbers, or Social Security number either via email or a bogus web site link is surely an identity theft or phishing scam.
- Avoiding Social Engineering and Phishing Attacks Do not give sensitive information to anyone unless you are sure that they are indeed who they claim to be and that they should have access to the information.
- Identifying Hoaxes and Urban Legends A good overview of email chain letters: what they are, and how to avoid being part of the problem.
- Recognizing and Avoiding Spyware A good overview of spyware and adware: what they are, and how to avoid being victimized.
Encryption is the most effective way to achieve data security, however, many find the use of cryptographic tools obtuse and difficult, even though it really isn’t.
This page is meant to introduce in simple terms how encryption tools work on different operating systems and how to use them in the hope that our community can better understand and use these tools as a means to achieve data security.
If you need help with understanding what and why encrypt check our Security page for more information about data classification.
Video - Encrypting files and emails on Mac and Mac email client
Video - Encrypting files and emails on Windows and Outlook
Video - Encrypting files and emails on Linux and Thunderbird
Nowadays a significant amount of messages addressed to Western email addresses is spam. WTS filters out 75% of incoming mail as 'known spam'. An additional 3% of incoming mail is 'suspect spam'. Western's main tool for filter spam is our SpamTrap service.
WTS has implemented a method of managing your spam. All email addresses have their spam ‘trapped' in a central repository. A single notice is sent each day so that a user may see the messages that are trapped. This summary notice allows for 3 easy choices - delete all, deliver selected messages and delete the rest, or log into and manage your SpamTrap.
We recommend taking a few minutes to scan the notification message to ensure that the trap has not caught legitimate email. If you agree with what we have trapped then select the button ‘reject all as spam’. You need to be sure - once this action is taken the message(s) cannot be retrieved. If we have trapped something that you would like to receive then mark it as accept and the other messages as reject then select the button ‘submit’.
By taking specific action on the notification message you are actively contributing to the efficiency of your personal stream. It also makes it easier to scan the trap contents. If no action is taken you will continue to receive daily reminders of any new or outstanding content in your trap until after 30 days it is automatically cleared.
Published on and maintained in Cascade CMS.