its.unc.edu 1

Version Oct 2009 v3

An ITS Security Training Module

CLICK “FULL” TO VIEW SLIDE IN FULL

SCREEN.

its.unc.edu 2

You’ve Got Mail!You’ve Got Mail!

When in doubt, throw it out.

its.unc.edu 3

Suspicious email opened…Now What?

Suspicious email opened…Now What?

If you…

1. responded to a

phishing email…

2. entered your

password on a

suspect Web site…

3. provided your

password in an

email…

then you should…

Call (919.962.HELP)

immediately!

Change your Onyen

password at

https://onyen.unc.edu/

Save the phishing email to

which you responded as it

may help with

troubleshooting.

Section: You’ve Got Mail!

its.unc.edu 4

Safe E-mail 101Safe E-mail 101

1. Never send your password over

email.

• UNC-Chapel Hill will NEVER send you an

email asking for your password in

response.

• Such attempts to get you to disclose

your password are known as “phishing”.

2. Do NOT click on links or

attachments from unsolicited or in

unusual email.

• Use common sense: Do not click on the

link or open the attachment.

• When in doubt, throw it out.

Section: You’ve Got Mail!

its.unc.edu 5

Safe E-mail 101Safe E-mail 101

3. Do not respond to “spam.” • Discard or delete it.

• Do not use any “unsubscribe” feature in the spam.

• Do not purchase anything offered for sale in spam.

4. Do not use E-mail to send Sensitive

Information.

• Contact your IT department or the

Information Security Office for more

information on how to email securely.

Section: You’ve Got Mail!

its.unc.edu 6

What Is Computer Spam?

What Is Computer Spam?

“Spam” is the term

used to describe

unsolicited or “junk”

electronic mail.

Section: You’ve Got Mail!

its.unc.edu 7

SpamWhat’s the Big Deal?

SpamWhat’s the Big Deal?

may contain viruses, spyware,

inappropriate material, or

“scams”

clogs email systems

includes phishing, a form of

spam that tries to elicit

Sensitive Information such as

passwords.UNC-Chapel Hill will NEVER ask you to disclose passwords, social security numbers or other Sensitive Information via email.

Section: You’ve Got Mail!

its.unc.edu 8

Learning Point # 11Learning Point # 11

You receive an email from the University’s Information Technology Services (ITS) asking for a

verification of your login information. You should respond to the email and provide the requested information. Right?

Wrong!ITS will never ask for login information

to be disclosed in an email. Login information, such as your Onyen and password, is

considered Sensitive Information and should never be sent in an email. E-mail addresses can be spoofed, making them appear to be

from a legitimate sender. If in doubt, contact 962-HELP to determine

whether an email is authentic.

Section: You’ve Got Mail!

its.unc.edu 9

Learning Point # 12Learning Point # 12

Spam is annoying, but it poses no threat. Some of the spam messages are actually links to interesting Web

sites for purchasing computer products. Right?

Wrong! Spam may contain malware or

involve scams that solicit personal information, such as credit card information. Spam that contains

links to scam Web sites harvesting Sensitive Information is called

phishing.

Section: You’ve Got Mail!