Social Engineering
One of the most common ways in which data is lost, computers are
compromised, and systems are accessed by unauthorized users is through social
engineering. Many studies have shown that people will give passwords, account
numbers, credit cards, etc. if someone asks for them, without verifying the
request. If you receive an e-mail asking for your user name, account name,
password, credit card number, social security number, etc., do
not respond. Reputable businesses, including Dartmouth College, do not
send e-mails asking for your personal information. If you are unsure, call the
business that appears to be making the request to verify the request. Use a
phone number that you have for the business, rather than one provided in the
e-mail message you received.
In addition, even if you know it is a scam, you should not reply to the
message. The simple act of replying to let the sender know you are on to their
scam provides valuable information to the sender. When you reply, you let them
know your e-mail address is valid and active. They can then sell lists of
confirmed e-mail addresses to other vendors who want to do a mass marketing
campaign via e-mail.
If you have questions about this, please contact your department's
computing support office or the Computing Help Desk at 646-2999.
Virus Detection
The mailhub servers, through which all mail to and from off-campus flows,
has virus detection software installed on them. If a virus is detected in an
e-mail enclosure, the enclosure will be removed from the message. You should be
aware that not all viruses are detected in this way, so you should only open
enclosures that you are expecting, even if the message appears to be from
someone you know.
For additional information on this service, see Scanning
E-mail for Viruses.
Encryption and Electronic Signatures for Your E-mail
If you would like to learn how to include an electronic signature with your
e-mail using your eToken, see Using
S/MIME E-mail. This feature currently works for the following e-mail
clients: BlitzMail 2.8 or higher for the Macintosh, as
well as Thunderbird on Windows, the Macintosh, and Linux,
Outlook on Windows, and Mail on the
Macintosh. (Note: Authentication
is required for use with S/MIME.)
Additionally, you can use your eToken to encrypt your e-mail; however, we
strongly discourage this, because if your eToken becomes damaged or lost,
or if you forget your password, anything you encrypted with that etoken will be
permanently inaccessible.
For instructions on how to get an eToken or PKI Certificate, see
Identify Yourself Through Authentication.
|
