Safe Computing Guidelines

Computer users should be aware of safe computing guidelines. The following articles and information have been put together to help people to better understand the issues:

Spam

SPAM is the transmission of large quantities of unsolicited electronic messages. Phishing messages just like SPAM, are unsolicited, but more importantly, they also attempt to lure individuals into providing personal information, usually by redirecting them to a fraudulent copy of a legitimate website.

These messages use fear or urgency to trigger an impulsive reaction from the reader. Sometimes they will go as far to tell readers that they are at risk of being victim of identity theft if they do not follow the provided link. Phishers will use the information they have gathered to gain financial advantages or to hide their criminal activities using your good name. You can outsmart them by never selecting any provided links and by immediately deleting the message.

Understanding Phishing

For additional information about protecting your personal information please visit the RCMP page at RCMP Phishing Info

Reporting Phishing

Myemail.lakeheadu.ca does have a feature to report Phishing. With the suspicious open, users can click on the action arrow in the upper right hand corner (beside the reply button) and select Report Phishing. By doing so, the system will be informed of the suspicious and can take appropriate action.

Understanding email Spoofing

On occasion members of the Lakehead University Community receive e-mail that appears to come from lakeheadu.ca and contains suspicious content. This occurs when resourceful and malicious Spammers/Phishers engage in what is called e-mail spoofing. The term ‘email spoofing’ is used to describe fraudulent e-mail activity in which the sender address and other parts of the e-mail header, are altered to appear as though the e-mail originated from a different source. By changing certain properties of the e-mail, such as the From, Return-Path and Reply-To fields (which can be found in the message header), ill-intentioned senders can make the e-mail appear to be from someone other than the actual sender.

If you encounter any such suspicious email, take care not to provide any personal information and report the suspicious e-mail to the TSC Helpdesk.

Additional Protection Tips

Sadly, the only secure computer is one that is disconnected from the network … and turned off. However, there are some best practices that can provide a significant deterrent to malicious attacks on your personal computer or laptop.

Update Your Operating System – most desktop security incidents are the result of flaws in the operating system. As these flaws are discovered, vendors release new software to close these security holes. Visit Windows update regularly to ensure your workstation has the latest Microsoft Windows software updates.

Use Good Passwords – by default, modern systems are accessible remotely – those with weak passwords are vulnerable to dictionary attacks, rapid automated guessing of common passwords. This is of special concern on systems where you have set yourself to log in automatically and may be unaware of an administrative password.

Do Not Open Unexpected Attachments – Despite every effort to minimize the spreading of viruses through e-mail attachments, there is still a small risk that they will find a way onto your computer. A simple way to avoid such problems is to not open the unexpected attachment but save the attachment to your computer and run a virus scan on the file. Only after the virus scan is complete and indicates the file is virus free should you consider opening the file.

Install and Update Antivirus Software – Updating your antivirus software with up-to-date virus definitions (the list of viruses it can detect) is essential. Running regularly scheduled virus scans and ensuring that McAfee On-Access Scan is enabled will also significantly reduce your risk of infection.

Use Your Computer’s Firewall – Modern versions of Windows and Mac OS X come with a firewall (a program that monitors your network connection), a critical safeguard against a wide variety of security holes. Make sure that yours is turned on. Contact our Helpdesk for assistance should you require it.

Safeguard Your Personal Information – Do not respond to email that asks for your Social Insurance Number, bank account number, passwords, or any other private information. Also, do not publish this information on your personal web page, weblog, or anywhere