Worth Mentioning

Delays sending email

August 4, 2017

McMaster email users have experienced delays sending email to external email services, including the Government of Canada. Similar to last month, a compromised McMaster account was used to send spam email, which resulted in the University’s email servers being blacklisted by other email systems. The University’s IT departments are working to resolve the situation.

Please review our tips on how you can protect your McMaster account.  As always, if you sense something suspicious is going on with your McMaster account (i.e. MAC ID), contact the UTS Service desk ext. 24357 for assistance.

You are likely to experience delays sending email to most email services, including Yahoo, Gmail and even other universities.

Email and Account Security Tips

1. Protect your private information: McMaster University will never, ever ask you for private information via email.  The same is true of banks, government agencies or other large institutions.  You should never provide information about yourself, such as credit card information or passwords to anyone requesting it via email.  If you are concerned about an email that you have received, call the institution that sent it (or, appears to have sent it). If there is a problem they will help you; if there isn’t a problem they will be happy to learn about the phishing attempt so that they can warn their other clients.

Don’t send private information via email.  Email is not a safe media for transmitting sensitive information.
DON’T respond to email requests for private information.  A response validates to the attackers that you are real and could make you a target for future attacks; even when you want to respond: “get lost!”, it is better to just delete the message.

2. Think before you click: If it seems too good to be true, or even just kinda cool…it could be a trap! The bait used in phishing attempts can be enticing, like an unexpected package or surprise airline tickets; or the bait can be alarming, like a problem with your bank account or that your email account will be closed unless you confirm that it is being used.  If you weren’t expecting the message, don’t trust it.

Don’t open attachments that you weren’t expecting.  The anti-virus software on your computer will scan your email attachments, but it will miss the occasional infection.  When in doubt, throw it out.
Don’t follow links sent to you via email unless you are absolutely sure that they are safe.  Check that the link is taking you where it claims by hovering your mouse over it and reading the url in the pop-up.  Better still, Google it and navigate to the site manually.

3. Know the source: If your trusted Auntie Clara sends you an amazing butter tart recipe, that is probably ok; but if Auntie Clara sends you a link to a scandalous video of your favourite pop-star…Sound the Alarms!!  Email accounts can become compromised, then used to send phishing messages to the contacts in the victim’s address book.  If you have received a message from a trusted source that seems a little out of character, just delete it.  Better still, call them…I’m sure Auntie Clara would love to hear from you.

DON’T open attachments or follow links that seem out of character for the sender.

4. Use a strong unique password: Don’t let your account be the launch pad for an attack against your friends, family or colleagues. Protect it with a password that is too difficult for even a computer to guess.
DO create strong passwords for your accounts. A strong password is at least 8 characters long and combines upper and lower case letters, numbers, special characters and punctuation.
DO create unique passwords for all of your accounts. The rule is “unique account, unique password”; that way even if the bad guys hack into your twitter account, your bank account is still safe.

5. Keep it clean: Running a clean machine will help to protect you, as well as your friends and neighbours, against this and other internet threats.

DO set up your anti-virus software to automatically install updates.  New viruses are written at a rate of over 100,000 per day!
DO set up Windows, Mac or Linux to automatically install security updates.  Errors are discovered every day in the software that you rely on in your daily life.  Fortunately, the companies that write that software will take responsibility for these errors and release periodic updates and patches to correct them.  Install them to remain current.
DO enable your Windows or MacOS firewall. The firewall is there to prevent others from connecting to your computer without your knowledge.
DON’T connect to untrusted networks.