Perpetrators use email as an attempt to steal your personal information. This page will define and help you identify different types of email security threats.
What is phishing?
Phishing is a form of theft where someone attempts to steal your sensitive personal information by pretending to be a trustworthy party in an electronic communication (usually by email). Phishing messages are designed to confuse you by making the messages look like they are from a trusted business, bank, government agency or even the University of Manitoba.
Falling victim to a phishing message could leave you vulnerable to identity theft and severe financial losses.
How to protect yourself against phishing attacks:
The best way to protect yourself is to learn how to recognize them. Most phishing messages usually share some common traits. Learn how to spot them:
- Phishing attempts tend to immediately try to bring out an emotional reaction from you like greed, curiosity and fear. Phishing attempts also often sound urgent.
- Odd tone, bad grammar and spelling or unfamiliar email signatures or sender addresses are clear signs of phishing.
- Beware of phishing email elements like attachments or links to unfamiliar login pages.
Don’t fall prey to fishing attacks. For the latest news in phishing attempts, check our security alerts page.
What is spam?
Spam is unsolicited junk email normally with sales or advertising content. Spam email messages use methods similar to phishing messages to draw you in.
Although spam is annoying, it can also be a security threat. For example, a spam email can disguise itself as an advertisement for a trusted company or organization when it is actually trying to trick you into entering your personal information or downloading a harmful program.
What is the university doing about phishing and spam?
The university employs an email security solution called Ironport. However, no spam or email filter is perfect, so we advise everyone to be aware of best practices and remain vigilant when opening email from unfamiliar sources and clicking suspicious links.
Spam quarantine notification email messages
The university uses Ironport as its email security solution for spam email filtering. However, no spam or email filter is perfect. We advise everyone to be aware of best practices and remain vigilant when opening emails from unfamiliar sources and clicking suspect links.
IronPort spam quarantine notification
Receiving an "IronPort spam quarantine notification" message means the anti-spam filter has received an email addressed to you and suspects that the message may be spam. The purpose of this system is to reduce the amount of unsolicited spam received in your inbox. Please follow the link in the notification email message to review the email messages quarantined by IronPort. At times legitimate email messages may be quarantined. You can release these messages from quarantine and add the sender to a safelist.
IronPort keeping emails in quarantine
IronPort keeps quarantined emails for 30 days, and then the message is deleted.
Once emails have been deleted from quarantine, they cannot be retrieved.
IronPort safelisting or blocklisting
Safelists ensure that email addresses added to this list do not have their messages filtered by anti-spam scanning. Blocklists ensure that messages from addresses added to this list are not sent to your inbox.
Users are only allotted 100 entries (emails or domains) to use in their safelist or blocklist. This limit cannot be increased.
We suggest mainly using these entries for your safelist. Spammers will often change the email address they are using to send spam or spoof the email address they are using. As a result, adding an email address to your blocklist may not stop future spam.
The IronPort safelist cannot be set to allow all messages through its scan for a specific account. IST sets the level of spam email filtering for each email domain on campus. If you believe your email domain's spam filtering level is too strict or lenient, please contact IST.
Receiving spam in your inbox
Occasionally, the IronPort system may not block a spam email message, and that message will be delivered to your email Inbox. If you receive an unsolicited email in your inbox, first determine whether it is spam or a bulk email message from a legitimate vendor. If you have determined that a message is an unsolicited spam email, send that message as an attachment to firstname.lastname@example.org. Do not forward the message or just the email headers. The system administrators need to see the entire spam email in its original format.
If you receive multiple and continuous spam messages from a specific email address or domain, you may want to add that email address to your blocklist manually. View instructions on how to block an email address. Please note that spammers will often change the email address they are using to send spam or spoof the email address they are using. As a result, adding an email address to your blocklist may not always stop future spam.
Receiving undeliverable error messages for messages you did not send or seeing spam emails from your @umanitoba.ca email address
When this situation occurs, it is most likely that your email address has been ‘spoofed.’ Spoofing an email address is similar to writing a different return address on an envelope. It appears as though the letter or email was sent from a different address. When the spam message is sent to an invalid email address, you may receive bounce-back error messages stating that a message could not be delivered. Spammers can ‘harvest’ email addresses from public locations such as public web pages or online directories. Viruses or Spyware can also infect a computer and harvest email addresses from address books stored on that computer. If you suspect your computer has a possible virus, download updated virus definitions, run a virus scan, change your email and password, and contact IST.
Blank spam quarantine notification messages
It is possible that IronPort quarantined an email message sent to a distribution list. The corresponding quarantine notification was also sent to that distribution list’s email address, which all the distribution list members then received. When you access the email quarantine, check the upper-right corner of the page to see from which email address IronPort is quarantining messages. If it was sent to a distribution list, another member in that list might have already checked and either deleted or released the messages in quarantine.
Checking your spam quarantine and email quota in Outlook
Malware or spyware
What is malware or spyware?
Malware or spyware is an umbrella term for malicious software or programs that access your data discreetly by infecting your technology. They almost always do harm.
In email, malware or spyware can be obtained through clicking suspicious links within the body of the email or opening and downloading harmful program attachments (especially .exe files).