[IS&T Security-FYI] Tips for Email and Web Safety

Monique Yeaton myeaton at MIT.EDU
Tue Oct 26 11:31:55 EDT 2010 



October is National Cyber Security Awareness Month, an annual campaign to highlight what each of us can do to protect our computers, data and privacy. 

This email is the fourth and final in a series of weekly tips. We hope you've found them useful!

Tip of the Week: Email and Web Safety

As the holiday season approaches, spammers and scammers will once again use the increased volume of valid commercial email during the holidays as a cover for their messages, making it easier to deceive people into responding to fraudulent email and visiting fake websites. With this surge of threats comes an increased risk of compromised systems, reputation damage, and identity theft.

You can take simple steps to protect against the dangers of email-borne and online threats that jeopardize computer files and the data they contain as well as your own personal information. Consider these practices for protection (links to the resources mentioned below are available at the bottom of this email):

Enable spam filtering using the Spam Quarantine service available through IS&T. This service scans all incoming email before delivering it, identifies potential spam using a series of tests, and filters them to the Spam Quarantine server. 
If unwelcome email does make it past the filters, can you recognize a phishing message? Learn to spot the signs: take an educational quiz to see whether you would fall for spammers' phishy tricks. If in doubt, never respond, open the attachments, or click on the links within the email.
Learn to recognize a fake website. Sometimes a site is replicated so well that you will find it difficult to know if it's real or not. Fake sites created by hackers have exploit code embedded in them that take advantage of known security flaws. There are various resources to help you find out if a URL will lead you to a dangerous site. Tools such as F-Secure will tell you beforehand if the site can be trusted. Previewing links before you click them can also help. One tool that does this is CoolPreviews, a plug-in for Firefox.
If kept up to date, virus protection software will prevent most malicious code from doing any damage to your computer when embedded in an email attachment or hidden within a website. It is important to have virus definitions update regularly and automatically, as they become available.

Resources:

Spam Quarantine (http://kb.mit.edu/confluence/x/gi1B)
Can You Recognize a Phishing Email? (http://kb.mit.edu/confluence/x/SBhB)
Phishing Quiz by SafeGuard Online (http://ist.mit.edu/security/email/quiz_phishing)
Phishing Quiz by SonicWall (http://www.sonicwall.com/phishing/)
How to Spot a Fake Website (http://www.technospot.net/blogs/how-to-spot-fake-website-phishing/)
F-Secure (http://browsingprotection.f-secure.com/swp/)
CoolPreviews (https://addons.mozilla.org/en-US/firefox/addon/2207/)
Update Virus Definitions (http://kb.mit.edu/confluence/x/14Nh)

To keep up to date with the latest computer security news, Internet security threats and protective measures, subscribe to the Security-FYI email newsletter or visit the blog:

Newsletter signup: http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
Blog: http://securityfyi.wordpress.com/

If you need help with computer security settings, contact the IS&T Service Desk at 617-253-1101 or helpdesk at mit.edu. For self-help, search the articles in Hermes, the IS&T knowledgebase (http://kb.mit.edu).

This campaign is supported by the IT Security Systems & Services Team at MIT. Please contact us at security at mit.edu if you have any questions, comments, or would like us to give a presentation to your department or group.


Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://ist.mit.edu/security






-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20101026/c5988399/attachment.htm
-------------- next part --------------
A non-text attachment was scrubbed...
Name: NCSA_RecStaysafe_StaticBanner_wurl.jpg
Type: image/jpeg
Size: 6478 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/ist-security-fyi/attachments/20101026/c5988399/attachment.jpg

More information about the ist-security-fyi mailing list