Email and Network Security - FAQ
Click on the question below for the answer:
- How does the spam filter work?
- How can I deal with unwelcome and unsolicited email?
- Is there a problem with giving out my email address when I sign up for online services?
- How do computers become infected with malware?
- What is “phishing”?
- How much spam does DJUSD receive?
- My DJUSD computer runs antivirus software. How can a DJUSD machine get infected?
The DJUSD spam filter is provided by an outside vendor through which all incoming and outgoing email is directed. Each email has to pass certain “tests” to be allowed through the filter, these tests being in the form of an algorithm, or set of rules, established by the vendor. The algorithm can be tweaked by our own network administration as needed, and the vendor frequently updates the algorithm to counter the evolving spam/malware environment. The filter is not completely impermeable, and some spam will creep through. If the algorithm were set in such a way as to stop all spam, it would stop a large percentage of legitimate email as well, so it's a delicate balancing act.
Everyone in the district receives email they would rather not receive, particularly of a commercial nature. Sometimes it's actual spam (illegally generated email), but often it is simply advertising sent by a company who bought your email address from another vendor you trust. Think of those conferences you attend and the information you provide when you register for them. But it’s all email clutter, and it obscures the good stuff, like emails from Technology!
To attempt to stop those emails is both time-consuming and not especially useful in stopping the unwanted contacts. Even by negatively responding to the email, the sender knows you went to the trouble to read to the bottom of their ad in order to find the “Unsubscribe” instructions (which often don’t work anyway). You then become an even hotter email ad target, generating even more advertising.
The most effective strategy is to create a target folder in your Outlook Inbox. Right click your Inbox folder, and select New Folder. Name your new folder something like “Garbage” or “Ads”. You can also create sub-folders within that folder, so if there is advertising or communications you would like to review at a later time, such as from your professional association, you can direct it there. Then, when you receive an unwanted message, right-click on it, select Rules – Create a Rule, and instruct Outlook to always send emails from that domain (in “firstname.lastname@example.org,” leapfrog.com is the domain) to the folder you created to receive it. That way, you will never see future emails from that sender unless you choose to do so. Periodically empty your garbage folder by right-clicking on the folder, and select Delete All.
If you need to give out an e-mail address in order to gain access to a web site, use a Gmail e-mail address created for that purpose and let Google deal with the spam that comes with signing up with questionable web sites. District e-mail addresses should be given only to trusted people, vendors and partners of the District.
While it is still somewhat possible for laptops running Office 2003 to acquire malware (viruses, spambots, worms, Trojans, etc.) by simply opening HTML-formatted email (a problem better addressed by later versions of Office), it remains a relatively rare event. The most common means by which malware is installed on your computer is by clicking on unsafe links or opening attachments contained in emails containing execution files or links to malware-harboring websites.
All users of DJUSD network resources (Outlook, Zangle, U: drives, web authoring, etc.) have access to it by means of login identification and passwords. Anyone who is able to obtain your login (not difficult) and password (hopefully difficult) is able to gain control or access to anything you can control or access on the network. Generally, people have to be tricked into revealing their passwords, and these tricks usually come in the form of a bogus email requesting your login information, often couched in a larger form asking for other information pretending to be DJUSD Technology Support. Manipulations include statements such as “We are conducting an email account audit,” or “Your email account is about to expire,” or some other promise that you are about to lose your email privileges or that your work is somehow at risk.
Also, it is extremely easy to clone a real web site, such as a district web page, and host it on another server with some modifications to capture information instead of logging on. Pay attention to the URL in the Address Bar to make sure the link you clicked, such as http://webmail.djusd.net (for an example, click that link) is actually taking you to where you expect. A thief could easily create a new web domain called djusd.net.com so that http://webmail.djusd.net takes you to http://webmail.djusd.net.com instead, and when you login it harvests your login and password information, then redirects you to the login page of the site for which you were originally bound.
DJUSD Technology will NEVER ask for information about you over the network. We don’t need it, and we would certainly not ask for any personal information via an insecure medium such as email.
Approximately 90% of the roughly 12,000 emails coming into DJUSD each day is spam. Additionally, 40% of the roughly 5,000 emails generated daily from inside the district is outgoing spam, and is also caught by the filter before it can leave the district. That is commonly due to non-DJUSD devices being brought into the DJUSD network with inadequate security and harboring spambots, software that sends out spam at the behest of their creators, and less frequently from DJUSD devices that have become infected through various means. If you suspect your computer is sending emails without your permission, bring laptops into Technology immediately, and otherwise notify Technology of your suspicions.
Malware creators have devised many ways to hide the presence of this software in the context of emails, websites, file attachments; anything that operates after you click on an external Internet reference, such as a URL or files of various types. Once activated, the program can execute and install in your machine. Windows and other Microsoft applications continue to improve the design of the protections built into them by frequent security updates, but the updates are in reaction to the new methods devised by malware creators. There is always a window of time during which a new malware delivery method begins operation and when counter measures can be created, so your participation in keeping your machine secure against attack is very necessary.