Email Threats
Email is a necessity for communicating and for conducting William & Mary's business. However, email can be difficult to control from a security perspective.
In W&M Information Technology, we have lots of security measures in place to filter, block, and quarantine malicious emails, but the bad guys are always trying to stay one step ahead - and sometimes bad emails can get into our mail system. It is up to the individual to recognize these malicious emails and act on them (or ignore them) accordingly.
There are several security threats when it comes to email.
- A Fake DUO Authentication Screen has been used recently to trick users into giving out DUO two-factor authentication passcodes.
- Phishing is the tactic of making false claims in order to gain access to your account. Phishing, though not new in terms of the Internet, continues to refine itself by trying to find new ways to trick you. Phishing scams may ask you to provide your account credentials or they may direct you to a fake login page to capture them.
- The first contact safety tip in Microsoft Outlook guards against phishing, which is the number one threat to cybersecurity at the university. This setting flags if you are getting a message from an address for the first time or if you haven’t gotten a message from it in a long time, which helps to guard against potential impersonation attacks. Please note that we cannot turn off this security feature for individual accounts. Our goal is to protect the campus from phishing and spoofing attacks.
- Ransomware is a type of virus that encrypts your files and blocks access to your data, in an effort to receive a payment (ransom). The virus is automatically installed on your computer, usually after opening a malicious attachment in an email. Similar to phishing, the look of the email may be deceiving and may try to make you believe that it is legitimate.
- Gift Card Scams: Another email security threat that the William & Mary community should be aware of is the Gift Card Scam. This scam uses a sense of urgency from a spoofed superior, supervisor or member of the Administration in an attempt to have you buy gift cards for the scammer.
- Employment Scams involve offers for paid service for students and others looking to make a few extra dollars working from home or their dorm room.
- Extortion is a strategy utilized to manipulate the target to engage in a certain type of behavior or action. Often using sexually sensitive material, the attacker blackmails the target for money.
- Covid-19 Scams: Phishers, scammers, and extortionists use emotions and pressure to elicit an abnormal response. This is similar to the ongoing sextortion campaigns, which rely on embarrassment and fear to scam people out of money, or the gift card scams, which rely on a sense of urgency for the same purpose. The coronavirus, COVID-19, has provided fear, uncertainty, anxiety, urgency and even sympathy, which are all key emotions that attackers use to get past your defenses while at work or home.
It's best to err on the side of caution when an email threat is even a remote possibility. If in doubt, forward the email in question to [[abuse]] for verification. If you know it is phishing or malware, please forward it to [[abuse]] for analysis and additional preventive measures.
Notifications sent by W&M IT
Many malicious emails are going to claim to be from IT. They aren't. However, you can expect to receive a few legitimate email notifications from W&M IT that you do need to act on. These notifications are for (but not limited to):
- Your yearly password reset (once annually, based on the date of your previous password reset)
- The annual network authentication (usually in early August)
- Verification of phone locations (once annually, based on the date when the phone location was previously verified)
So how do you know if it is legit? Real emails from W&M IT will not link you directly to a login page. They will direct you to the W&M IT home page on our website. From there, click the button to access the site for the appropriate update.
Questions? Contact the Technology Support Center (TSC)
757-221-4357 (HELP) | [[support]] | Jones 201, Monday - Friday, 8:00 am - 5:00 pm