Skip over navigation|
|Help | Portal Help | A to Z Index | Sitemap | Feedback | Accessiblity | Listen to this page with Readspeaker | Contacts | Login|

home |  School Office |  Support Services |  Schools IT Support Team |  03. Support |  Antivirus & Security | Email & Antivirus Best Practice Guidance|

|start of content|

Email & Antivirus Best Practice Guidance

|

Summary:

This document provides best practice guidance for Email and Anti-Virus.

At the bottom of this page there is a printable version attached.

Introduction

The Internet is a valuable resource for learning as well as an exciting communication medium. However, there are various pitfalls awaiting the unwary user and this guide is intended to assist the typical user of e-mail to avoid many of these. The advice given is not designed to address every situation and should not be regarded as definitive.

Advice & Guidance

The two main threats that e-mail users experience are posed by viruses that use the e-mail system to propagate and Spam (otherwise known as unsolicited commercial e-mail). The advice in this document is designed to reduce the threat posed by each.

Dos

  1. Do use your common sense at all times. Treat with a degree of caution any e-mail that appear to come from senders who are unknown to you.
  2. Do set up filters in your e-mail client to eliminate e-mails, which you do not wish to receive - certain keywords in the body of e-mail should alert you to unwanted content.
  3. Do ensure that you are running anti-virus software at all times and that it is being updated regularly to deal with new threats.
  4. Do ensure that your computer is regularly updated with the latest security patches for your Operating System (from Microsoft).
  5. Do take care to tick the correct boxes when you are invited to opt-in or opt-out to receiving product-related e-mail as part of registering product on websites. Beware - some websites ask you to opt out, others to opt in. It is easy to get confused.

Don'ts

  1. Don't run or save attachments to e-mails from senders who are unknown to you. A favourite device used by virus writers to infect computers is to supply the virus as an attachment and persuade the recipient to execute the attached virus program.
  2. Don't run or save attachments to e-mails apparently sent by bona fide organisations where you have not solicited the e-mail. If in doubt, phone the organisation to confirm that it has sent you the e-mail. Please note that no computer company will ever send out unsolicited "updates" for the user to execute. A recent virus purported to come from Microsoft with an "essential update" attached. Microsoft never distributes patches via e-mail.
  3. Don't click on any link in an e-mail from a user or organisation unfamiliar to you.
  4. Don't respond to any request via e-mail to pass on any "secure" information about yourself, for example user IDs and passwords for Internet Banking. A recent e-mail purports to come from Barclays and asks the user to click on a link and enter username, password and "security phrase" as the e-mail claims that essential user data needs to be checked. No Internet Banking company would ever make such a request via e-mail. Clicking on the link and entering the information places the control of the recipient's bank account into the hands of fraudsters.
  5. Don't give your e-mail address to any website without being absolutely sure that the website is run by reputable people who will not misuse the information to add your address to Spam mailing lists. Be wary about joining any mailing list not hosted by reputable organisations or by people with whom you are familiar.
  6. Don't ever send a reply to Spam e-mail, whether abusive or not. By replying you are confirming the existence of your e-mail address and inviting an even greater volume of Spam in future.
  7. Don't put links to an e-mail address on the front page of a website. There are programs used by Spam organisations that scour the web looking for new e-mail addresses to add to their databases. Place any contact e-mail addresses on sub-pages where they are less easily found by non-humans! This will not stop the e-mail addresses being harvested but will reduce the chances of it happening. More effective is to embed the e-mail addresses as text rather than links.
  8. Don't view messages in HTML mode if you can avoid it as this is one of those rare occasions where just the act of reading an e-mail can allow concealed HTML code to be executed without the user being aware that anything untoward is taking place. Some Spam writers use this feature to verify that the e-mail has been read and that the e-mail address is valid. Most e-mail clients allow you to read HTML e-mails as plain text through their configuration options.
  9. Don't forget that you can view a list of all the Spam e-mails that have been prevented from reaching you by the Spam filtering service applied to every e-mail coming from outside the grid to a recipient inside the grid. Log in, using your grid User ID and password, to http://users.wsgfl.org.uk/ and there is a link you can follow to see a list of the subjects of any e-mails blocked. For every Spam e-mail that gets through these checks (Spam originators spend large amounts of time devising cunning ways of getting their e-mails through anti-Spam filters) there might well be a further 10 that never made it.

If you wish to ask questions relating to the advice above, please contact the West Sussex Help Desk or ask the Nominated Contact within your school to contact Atomwide on your behalf.

File Attachments

First Published: 8/1/2004          Last Reviewed: 17/3/2008