Spam and Phishing

Best Practices - describes the best practices when it comes to dealing with spam and phishing emails.

More and more unwanted messages are clogging mail servers and wasting employees' time. Therefore the easiest and best way to deal with spam is also the one which wastes the least resources and your time, simply delete it. The reality is because most messages that are spam come from outside sources, there isn't very much that we can do to control them because;

  • Systems administrators are usually aware of spammers and have closed down the access long before they receive a complaint.
  • Email accounts are freely available and readily opened, therefore as quick as a spammers email access is closed down they have a new one is opened within minutes.
  • The information in email headers is often forged and what you see as the "To:" and "From:" fields are invalid.
  • If we block the whole email system sending these messages we block legitimate email from these sources.
  • Often complaints to some of these outside service providers are ignored because the people spamming us are paying for the ISP service, whereas we are not.

What you should never do is reply to the email, this just confirms you are a valid email address and can be added to other spam lists. 

Official WTS Emails - find out if WTS really sent you that email.

To assist our customers in distinguishing spam and phishing email scams from official WTS email communications, widely distributed WTS emails as well as targetted phishing emails will be posted on this site so that you may be assured that the email you received is official before responding to it. Simply click on the email subject to see the full text of the message. Some points to remember:

  • An email subject line starting with [SPAM?] should be considered potential SPAM unless the WTS Support Centre tells you otherwise
  • Official email communication from an @uwo.ca account should never have [SPAM?] in the subject line
  • Official email communication from WTS will never ask you to email your password or other personal information
  • If you receive an email claiming to be from WTS that is not posted on this site please forward a copy of the message with full headers to phishing@uwo.ca .

Other kinds of phishing attacks occur regularly - for example, fraudulent banking notifications, or offers of free goods or services. Many such phishing messages will be caught by Western's anti-spam tools (reference links at right), but some may arrive at your inbox. For more information about phishing in general, and how you can protect yourself against such attacks, please visit Phishing on the CyberSmart website.

Recent Phishing Emails Seen on Campus

Official Emails Sent from WTS

Forwarding Emails with Full Headers - explaining how to forward spam emails to WTS with their full headers.

Procedure

Office 365 Webmail

  1. Click on the message in your Inbox to select it
  2. Click the three dots button to the right of the sender's address
  3. Select View Message Details from the drop down menu.
  4. A box will appear with the message header information.
  5. Copy the message headers:
    • Click anywhere in the Message Details box.
    • Press Ctrl-A to select the message headers
    • Press Ctrl-C to copy the message headers
  6. Press Ctrl-V to paste the message headers into the desired destination (e.g. Word document, email message, etc.)

Outlook 2016/2019

  1. Double-click on the email message to open it in its own window.
  2. From the Message tab, Locate the group called Tags.
  3. Select the arrow in the bottom right hand corner of the group.
  4. A box will appear with the internet header information on the lower portion.
  5. Copy the Internet headers:
    • Click anywhere in the Internet headers: box.
    • Press Ctrl-A to select the message headers
    • Press Ctrl-C to copy the message headers
  6. Press Ctrl-V to paste the message headers into the desired destination (e.g. Word document, email message, etc.)

Mac OSX Mail

  1. Select the message you want the full headers for.
  2. In the menu bar click 'View'.
  3. Go down the list and select 'Message', 'All Headers'.
  4. Copy the message headers:
    • Click anywhere in the Message Details box
    • Press Command-A to select the message headers
    • Press Command-C to copy the message headers
  5. Press Command-V to paste the message headers into the desired destination (e.g. Word document, email message, etc.)

Gmail

  1. Log in to Gmail.
  2. Open the message you'd like to view headers for.
  3. Click the three dots beside the Reply button
  4. Select Show original.
  5. Copy the message headers:
    • Click anywhere in the Message Details box
    • Press Ctrl-A to select the message headers
    • Press Ctrl-C to copy the message headers
  6. Press Ctrl-V to paste the message headers into the desired destination (e.g. Word document, email message, etc.)

Published on  and maintained in Cascade.