Email Security

While e-mail allows us to quickly and efficiently communicate with others around the world, this shared network has a number of inherent security threats that users should be aware of while using their UTSA email account.  The major threats are:

• Computer Viruses

• Spam

• Phishing

A computer virus is a small piece of software that piggybacks on real programs and replicates itself. For example, a virus might attach itself to a program such as an Excel document. Each time the document is opened, the virus runs as well and has the chance to reproduce (by attaching to other programs) or perform any number of destructive actions to user data. An e-mail virus moves around in e-mail messages, and usually replicates itself by automatically mailing itself to dozens of people in the victim's e-mail address book. There are different types of computer viruses, among which are:

• Worms are small pieces of software that use computer networks and security holes to replicate itself. A copy of the worm scans the network for another machine that has a specific security hole. It copies itself to the new machine using the security hole, and then starts replicating from there, as well.
• Trojan horses are computer program that claim to do one thing (such as a game or screensaver) but instead does damage when you run it (it may erase your hard disk, allow an outside user access to your system, or more). Trojan horses have no way to replicate automatically and rely on the user to run them.

Spam is flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it. Most spam is commercial advertising, often for dubious products, get-rich-quick schemes, or quasi-legal services. Spam costs the sender very little to send -- most of the costs are paid for by the recipient or the carriers rather than by the sender. Email spam targets individual users with direct mail messages. Email spam lists are often created by scanning Usenet postings, stealing Internet mailing lists, or searching the Web for addresses.  Transmitting spam email messages results in high bandwidth costs for internet providers, which translates to higher service costs for providers and end users.  Furthermore, mail servers will have their performance affected having to deal with mass amounts of non-legitimate email, resulting in delayed or failed service.

LINK: Avoiding Spam

Phishing is the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise (Paypal, for example) in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information.

What can UTSA do about these threats?

The UTSA email servers scan all email for viruses, and our AntiSpam measures will send any suspected spam to your Junk Email folder in Outlook.  However, not every automated solution is 100% effective, so it is best to exercise caution while using your mail.  Here are some tips we recommend for safe email usage:

• Give your UTSA email account only to people that need to contact you, and never use it to sign up for information on commercial accounts.
• If you don't know the person sending you an email, don't open any attachments from them.
• Never open attachments from known users unless you verify they meant to send it to you. The sender may be infected with a virus which is attempting to spread.
• If you receive an email in your Inbox that is Spam which did not get caught by the AntiSpam software, you can add the user to a Blocked Sender's List. Right-click the email in question, and select Junk Email -> Add Sender to Blocked Sender's List.
• If you receive an email directing you to a site to enter in confidential information or account information, either contact the organization in question to determine if this is legitimate, or delete the email.
• And always, if you have any questions or concerns, the Help Desk is available at x5538 to answer any questions or assist you with any concerns.