Tech Tip: How to keep safe from spam

by Ryan Johnson, I-Tech

Despite best attempts to reduce spam, it is not going away any time soon. Every employee of the University Libraries and Penn State needs to be careful when clicking on links in emails, attachments, and online ads.

Below are some basic items to keep in mind to help keep your machine and the Libraries’ network safe:

  1. Do not open or respond to emails that look suspicious or unusual, are from someone you don’t know, or that generally ask you to take an action, such as making a payment or giving information or credit card details. If the email claims to be from a genuine company, but originated from a free web-based email service, it is likely spam.
  2. Do not open an attachment you weren’t expecting, especially if you don’t know the sender. Often malicious code masquerades as zip files or Word documents or some other file type. Scammers can easily change an the .EXE extension of a malicious file to .DOC.
  3. Just as you should not open attachments, do not click on a link in an email unless you are 100 percent sure it is safe to do so. It is easy to interject an infected hyperlink into the body copy of an email. If in doubt, delete it (or check with the sender or the Helpdesk).
  4. Don’t be fooled by phishing attempts. Someone, somewhere, will try to get personal information from you. You should never give out personal details over email or fill in a form that pops up when you open up an email. May times throughout the year, you may receive an email that threatens to shut down your email account unless you provide your Penn State password. Penn State will NEVER ask for your password.
  5. On the phishing front, you shouldn’t open or interact with messages from businesses to which you haven’t given your address and be wary of messages from companies that already have your address. A popular tool among spammers is to act as if they were from your bank, for instance, suggesting you need to change your password. In cases such as these, it is best to check the banks’ website for details or call their helpdesk to ensure your account is in order — better safe than sorry! Banks and other organizations should not be contacting you via email for security purposes.

These are just a few of the best practices to help keep you safe.  If you are unsure about an email link, attachment, or website, please feel free to contact the IT Helpdesk for further assistance.