Email security risks include attachments; scams; viruses and worms; spyware and adware; and hidden or devious links to bad websites.
Every day more and more scam emails are sent out asking K-Staters for their eID and Webmail passwords. These emails are often very convincing, or frightening to those who receive them, so replies are sent and accounts are compromised. It is important that we all work to reduce these compromises by ensuring that our information is never sent to anyone in an email.
You can learn more about scams and how they work:
You can always find a list of the most recent phishing scams hitting K-Staters by going to the IT Security blog.
Use common sense when you're sending and receiving email.
Learn how to identify a scam. Find out for yourself if an email is a hoax,
a virus, or for real. It's good to maintain a strong sense of skepticism. Always use caution when
revealing personal information, such as your phone number or physical address to anyone you communicate
with through email, even if they purport to be someone of authority. Never give out your social security
number or a credit card number in an email. Emails are not a secure form of communication and anything
that is sent could be intercepted by a nefarious individual.
Do not reply to spam email messages, or other harassing or offensive mail.
By responding, you only confirm that you are an actual person with an active email address. This can lead
to more unwanted email solicitations. Be suspicious of any unsolicited email. When in doubt, delete it.
Never open attachments or click on links from unknown sources.
And be cautious about links and attachments from people you do know. They may contain Trojan horses,
worms, or viruses, which can seriously damage your personal or work computer. Be sure that you have anti-virus software
installed and that it is scanning all attachments before you open them.
Never share your password.
System administrators and IT staff should not ask for your password. Do not be fooled by suspicious emails asking
you for your password. This is a ploy designed to fool you into sharing your password. As a simple rule, never
share it with anyone.
Change your log-in password often.
The simple act of changing your password will increase the likelihood that your email remains secure. This is
why the K-State eID system prompts you to change your password twice per year. It's a good idea to use
alpha-numeric passwords which are harder to break, so be sure to use both numbers and letters when creating your
password.
Always log out/sign off of public computers.
It's quick, easy, and may save your account from unwanted trespassers. If you are using a public terminal,
be sure to sign off any time you leave the computer unattended.
On the pages below, you will find more information about email scams that affect K-Staters. This includes information about phishing scams, and other email scams, as well as what you can do to identify what is a scam, and what isn't.