Differences

This shows you the differences between two versions of the page.

--- handling_suspicious_email_messages_and_spam [2016/09/19 10:53] – [Unsubscribing from marketing messages] formatting abrashear
+++ handling_suspicious_email_messages_and_spam [2017/02/10 09:47] – [Is this email actually from who it says it is?] Add more detail abrashear
@@ Line 7: / Line 7: @@
 ===== Is this email actually from who it says it is? =====
-  * Check the From address on the email. Messages from your bank should probably come from //[email protected]//, and not //[email protected]// or //[email protected]//.
+Malicious messages can come from anyone. It's very common for an attacker to hijack an account, and then use that account to send harmful messages to all of the contacts. Even if a message is from someone you know, be on alert if it seems unusual.
-  * Consider the body of the message. If you have communicated with this person before, is their grammar unusual? Is the formatting of the message odd? Is their spelling particularly poor?
+  * **Check the //From// address on the email.** Messages from your bank should probably come from //[email protected]//, and not //[email protected]// or //[email protected]//.
+  * **Consider the body of the message.** If you have communicated with this person before, is their grammar unusual? Is the formatting of the message odd? Is their spelling particularly poor? Are they asking you to do something unusual?
 ===== Is this message trying to get me to do something dangerous? =====
+Emails which attempt to persuade you to do something dangerous often use language which adds urgency so that you are more likely to suspend your suspicion and perform the action anyways. Vague messages which implore you to open some link or attachment are frequently malicious. Examples of dangerous actions are:
+  * **Providing usernames or passwords** — A common attack is to provide a link which looks like the login page to your email provider or other service. The attacker saves any password you submit, and uses it to hijack your account.
+  * **Transferring/receiving money** — There are many scams which encourage you to receive a sum of money and forward it to someone else. Through various methods, you'll end up losing all of the money to the scammer.
+  * **Visiting malicious links** — Malicious links may look like links to trusted websites, or be random webpages on the internet. If you aren't sure if a link is safe, err on the side of caution and do not open it.
+  * **Opening attachments** — Attackers may send attachments which can exploit vulnerabilities in software to harm your computer or hijack your accounts. Word documents, PDFs, and other Office documents are common vectors of exploitation.
-  * Examples would be: providing usernames or passwords, transferring money, visiting malicious links, or opening attachments.
+Naturally, if you never trusted any message or opened //any// attachment, email would not be very useful. Use your best judgement and if you feel a message is unsafe, you may want to report it as a phishing or spam. Reporting spam and phishing emails is good practice, because you will help Gmail reduce the amount of unwanted messages you receive. If a message is probably safe, but you do not want to receive any more message like it you may be able to unsubscribe from marketing messages from that sender.
-  * Emails which attempt to persuade you to do something dangerous often use language which adds urgency so that you are more likely to suspend your suspicion and perform the action anyways. Vague messages which implore you to open some link or attachment are frequently malicious.
-Naturally, if you never trusted any message or opened //any// attachment, email would not be very useful. Use your best judgement and if you feel a message is unsafe, you may want to report it as a phishing or spam email using the steps at the bottom of the message. Reporting spam and phishing emails is good practice, because you will help Gmail reduce the amount of unwanted messages you receive. If a message is probably safe, but you do not want to receive any more message like it you may be able to unsubscribe from marketing messages from that sender by viewing the instructions below.
-If ever you are not sure if a message is malicious or not, I am glad to have a look and help you determine how to handle them. In these cases, you will want to send the message with headers to <[email protected]> using the instructions below. I am especially interested in messages that appear to come from lasallehs.net that are marked as spam or are not marked as spam but seem like they should be.
+If ever you are not sure if a message is malicious or not, send the message with headers to <[email protected]> using the instructions below.
 ====== How to send a message with headers in Gmail ======