Email Safety
Why do we talk about email safety?
How many of you remember taking a Driver's Ed class? I do. My instructor was Preston Chambers, he was also my Health teacher through high school. But that story is for another day. He was an eccentric fellow. I'm not sure whether his goal was to equip us to drive a car or to scare us so much that we would never drive a car. He used videos as his primary method of instruction. He kept the lights off as dramatic videos of various driving infractions and accidents played. Like any good instructor he circulated the room as we watched. As soon as the video ended and faded to the credits he would slam his Driver's Ed textbook on a student's desk and yell in true Matt Foley style, "IF YOU DON'T OBEY THE LAW YOU'RE GOING TO DIE!" Anyway, I THINK the point of the class was to educate me on how to safely navigate the roads so that I keep myself and others safe.
Using email is a lot like driving a car. If you follow specific guidelines and recommendations, you'll remain safe and so will those you email with. While there are safety features in cars, just like on our network, it's still best for everyone if we don't need to rely on them. So this means educating users remains the best way to head off potential problems caused by opening or clicking through a bad email. One thing we are going to do to provide you more information about what emails you should open or not is to add a notification to all emails originating from outside of Wrentham Public Schools. What that means is when an email from outside of the district comes into your inbox it will now have [External] in the subject line. Here's an example of what it will look like:
Here are some of the reasons why we are doing this:
- Messages coming from outside the district are more likely to include malicious content so we want to remind you to think twice before clicking a link or downloading a file.
- Hackers can spoof someone's email address to make the email seem like it is coming from someone trusted when it is actually coming from a hacker. If my email is being spoofed you may see Sean Ahern as the sender and think it is fine open. But if you see the [External] alert you will know the email is not really from me and should report it.
- Emails from within the district are scanned for malicious content when they are sent and received, giving us extra security. Emails originating from outside our district are not subject to that extra scrutiny.
Email Safety Tips
Here is a link to an article with detailed tips on recognizing and reacting to a malicious email. I'll summarize some of the tips below but this is a worthwhile read for you and something to pass along to family as well.
1. The sender's email address is not correct. The email may say it is from Sean Ahern but the real email address is as8as9fjklks@hacker.com.
2. The sender doesn't seem to know the addressee. The email may say "Dear He/She" or something very vague or general.
3. Embedded links have weird URLs. If you look at the link in this email above it displays as an actual website. If the link is malicious it will probably display a bunch of nonsense and characters.
4. The language, spelling, and grammar are "off". If it seems like someone from a foreign country that doesn't know English wrote the email or it is written like a kindergarten student, it is probably a malicious email.
5. The content is bizarre or unbelievable. If you are offered something too good to be true or someone other than one of the tech team is asking you to update your password or account info then it is probably malicious.
One important thing to remember is to never click on a link or download/open an attachment from an email that you weren't expecting. If you have any questions or concerns about emails you receive do not hesitate to ask. We'd rather spend time checking it out instead of dealing with the fallout of an attack.