News & Updates

Receive Email Updates:
Archive
Categories
  • 2019
    1/22

    Illinois workNet Email Security – Handling Spoof Emails

    Have you ever heard of spoofing emails? Spoofed emails are emails that appear to come from someone you know or possibly even yourself. They are coming from someone pretending to be someone else to get information from you.  To learn more about spoofed emails and how to protect yourself, check out this Illinois workNet article:

    Illinois workNet staff will NEVER send you emails with invoices or ask you to send us personal information that is not related to your IwN account. If you receive an email like this from Illinois workNet, please follow the steps below:

    Note: These are the steps for Microsoft Outlook. Specific instruction may vary based on the software you use.

    1. Open the spoofed email in its own window by double clicking on it. Click the File tab, then click Properties. Copy the text that shows to the right of Internet Header. Do NOT click any links within the email.

    spoofing headers.png

    2. Reply to the email and cc scam@siu.edu. Include the Insert Header field text you just copied in the body of your email.

    • This will send the email to the real SIU employee as it is their email being used. Only then will SIU be aware that their email is being spoofed to contact others. Spoof emails use external links because they do not have actual access to the email. They only have the ability to send emails that look like they have come from somewhere else, but they cannot access the emails being sent and received through that account.

    3. Mark the Message as spam/junk, then delete the email after replying.

    What will our Information Technology (IT) team do?

    • Once an individual has received your email they will send it on to reportphishing@apwg.orgspam@uce.gov, and scam@siu.edu which will also notify security@siu.edu. It will also be reported to: FTC.gov/complaint  
    • Our IT Team will review the email to determine if it was hacked or a spoof. If it was hacked, actions will be taken to update the email. If it was spoofed, our IT will report to Proofpoint, who will review the email to determine if it contains attachments or links that could be malicious. If it does, the recipient will be notified.

    What can you do?

    1. Email servers will typically recognize and block these emails; however, some may still slip through. To better protect yourself and your organization, talk with your IT staff to make sure you have security measures in place to identify and prevent these types of emails from coming through.

    2. Additional Resources:

Comments

Leave a Comment