I. Email Etiquette
View PDFDue to the limitless boundaries of the internet, unfortunately there is no guaranteed solution to establishing a favorable email environment; however some of the tips and suggestions highlighted below if followed, should help improve email etiquette amongst email users and provide a more user-friendly email environment.but fundamentally, it is up to the individual sender/recipient to be sensitive and considerate when sending and/or responding to email.
Addressing Email
- Limit the recipients (email address(es) in the “To”, carbon copies “CCs” and blind carbon copies “BCCs” fields) only to those people who are involved with the email subject. The address(es) in the “To” field are for the people you are directly addressing, the address(es) in the “CC” are for the people you are indirectly addressing and the address(es) in the “BCC” are for the people you are indirectly addressing in private (without the other recipients knowing). Copy only those who need to be copied.
- Do not create new messages for every email response/reply. After sending an e-mail, chances are you will probably get a response. To prevent breaking the link between the original message and your soon-to-be-created response, reply to the email using the “reply” button. Do not create a brand new email message as that would make it difficult for recipients to follow the sequence of messages, especially after several exchanges.
- The “Reply to All” option can generate a lot of unnecessary e-mails. The “Reply to All” option should be used with care as it can create a domino effect and spiral into a lot of unnecessary email. For example, sending a dozen people the same email asking to confirm their availability for a meeting should normally get only a dozen replies. However, if each of the recipients hits the “Reply to All’ button, each and every recipient would also receive a dozen replies from each other for a total of 144 messages, 132 of which are unnecessary.
- Avoid lengthy negotiations via e-mail. Negotiations usually require a back and forth communication. If you find yourself responding more times than necessary on a particular issue, logistics permitting, consider calling (or meeting) the person instead of exchanging more responses.
Message Format
- Plain text is preferred. Using fancy fonts and colors is not advised as these complex formats may not be compatible with many email clients and thus may end up being displayed to the recipient as gibberish.
- Check your grammar and spelling. Poor grammar or spelling can result in unclear messages and force recipients to spend time unnecessarily trying to decipher the language as opposed to understanding the message. Make a habit of using a spellchecker.
- Use a proper Subject Line. It is important that your subject line be able to give intended recipients of your email an idea of what your email is about without having to have to first go through the email. This way they can decide what kind of priority to attach to it.
- Use the proper priority classification. This helps the recipient know how important the message is and as such decide on the kind of priority to attach to it. In cases where the recipient receives tons of messages and as such takes time to go through them all according to time of receipt (or sender), using this “high priority” tag will help isolate your email from the pile of others so that it can receive urgent and priority attention. Use the “high priority” classification for messages that are important and require high priority so the recipient can know and respond to it urgently and on time. Do not classify an email as “high priority” if it isn’t urgent.
Message Content
- Messages should be brief, concise and to the point.
- When sending attachments, be conscious of the size of the attachment and be sensitive to the storage capacity of the recipients email box. Also, always try to include a brief message alongwith the attachment letting the recipient know you are including an attachment as some email systems have filtering mechanisms that filter/block out attachments of certain sizes. Additionally, some antivirus strip out some types of attachments from emails leaving only the email message. By mentioning it in your email, your recipient would know to be expecting an attachment and would let you know if it wasn’t received.
- Don’t sell or advertise anything via e-mail.
- Be consciuous when sending forwarded jokes, poems or other sensitive materials, especially to large groups of people as a lot of people find this annoying. Select your recipients carefully to be sure they are appreciative of the content.
- Don’t pass on long articles if there is an availbe link to the document.simply including the link or the inclusions of pertinent passages is more acceptable.
- Never insult, threaten or criticize via e-mail. Remember there is always a record. Choose to work out differences face-to-face.
- Communicate highly complex information through other means. A telephone call or face-to-face conversation may reduce misunderstandings.
- Keep a record for future review when discussing critical issues in case something goes wrong. This way you can provide proof.
- When forwarding a message (or string of messages) to a new recipient, be sure to include a brief summary at the beginning, so as to alllow for ease of understanding of what has already been discussed.
Reducing E-mail: A Collaborative Effort
- There is a benefit of limiting email exchanges to only relevant topics. By choosing to send email only when you have a significant purpose, recipients will be more likely to open messages from you more promptly because they will know these messages are important.
- Carefully consider your reasons for sharing your WVU electronic mail address before doing so.
II. Phishing
What is phishing?
Phishing involves attempts to fraudulently acquire confidential, proprietary, financial or personal information through the use of a seemly official, but bogus, electronic notifications or messages, such as electronic mail messages or pop-ups. Phishers try to trick the users into completing an electronic form or visiting a web site to correct or update passwords, credit card details, social security numbers, company secrets, etc. All the while the phishers are stealing the information to gain access to computer systems, financial records, healthcare records and other information resources.
Phishing Triva:
The word phishing comes from the analogy that Internet scammers are using e-mail lures to fish for passwords and financial data from the sea of Internet users. The term was coined in 1996 by hackers who were stealing AOL Internet accounts by scamming passwords from unsuspecting AOL users. Since hackers have a tendency to replacing “f” with “ph” the term phishing was derived. (Source: Webopedia)
How do I avoid phish hooks?
- If you receive an electronic mail or pop-up message asking you to verify bank account, insurance number, social security number or other personal / financial information, do not respond. Instead, delete the message. Legitimate companies don’t ask for this information via email or pop-up messages.
- Don’t click in or copy links that appear in messages asking for personal or financial information. If you are concerned about your account, contact the organization mentioned in the email using a telephone number you know to be genuine, or open a new Internet browser session and type in the company’s correct Web address yourself. In any case, don’t cut and paste the link from the message into your Internet browser – phishers can make links look like they go to one place, but that actually send you to a different site.
- When possible, avoid using email to transmit personal or financial information. Generally, email is not a secure method of transmitting personal information. If you initiate a transaction and want to provide your personal or financial information through an organization’s website, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a website that begins “https:” (the “s” stands for “secure”). However, be aware that no indicator is foolproof; some phishers have forged security icons.
How do I identify phish bait?
- Carefully read both the SUBJECT and FROM lines. DO NOT open unsolicited mail from suspicious sources or those with scam type subject lines. Common scam type subject lines include work-at-home schemes, weight loss claims, bank account verification and credit repair and loan offers.
- Watch for unsolicited email from seemingly legitimate sources # 1 – Subject and From lines. Unfortunately, some spam and phishing messages appear to be from legitimate sources such as your bank, a favorite online store or a professional organization. Before you open such a message, carefully study the subject and from lines for slight changes in the names. The spammer or phisher might be trying to trick you into thinking that you have received mail from a legitimate source.
- Watch for unsolicited email from seemingly legitimate sources # 2 – Logos. Inspect the Logos and other identifying items in the messages. Phishing messages frequently include logos that are not an exact match to the company’s logo, spelling errors, percentage signs followed by numbers or @ signs within the hyperlink, random names or e-mail addresses in the body of the text, or even e-mail headers which have nothing to do with the company mentioned in the e-mail.
- Watch out for unsolicited email from seemingly legitimate sources # 3 – Who initiated the communications?
III. Spam
View PDFWhat is Spam?
Spam is unsolicited electronic mail, usually sent to multiple recipients in bulk. The parties sending the unsolicted mail ( known as the spammers) obtain your electronic mail address from the Internet places you frequent such as web sites, newsgroups, and special-interest group (SIG) postings. There are programs or spyware that are written specifically to automatically compile email addresses from some of these places. Spamming is one of the biggest hacking attacks carried out on the Internet. Spams costs victims money due to lost time, CPU, disk storage, and communications bandwidth.
Spam Trivia: Why do they call it spam?
SpamĀ® is a registered trademark for a Hormel Foods Corporation canned meat product (“spiced ham”). The use of the term “spam”, to describe the volumes of junk electronic mail swamping our inboxes, is said to derive from a famous Monty Python sketch that revolved around the characters repeating the word “SpamĀ®” over and over (”. we have Spam, tomato & Spam, egg & Spam, Egg, bacon & Spam…”). The sketch was popular when spam first began appearing in our inboxes and acquired the name spam because the junk mail was viewed repetitive, annoying and interfering with productive communication. Email that is wanted is sometimes referred to as ham.
What can I do about spam?
Currently, the only way to completely avoid spam is to avoid sharing your electronic mail address with others. Admittedly, it is both impractical and impossible to keep your electronic mail address a secret just to avoid spam. You have to give your electronic mail address to legitimate parties if you want to receive electronic communications from them. However, there are several precautions that you can take to reduce the amount spam you receive:
- Before sharing your email address with other individuals or entities, ask the requester how they plan to use your email address. Also, ask yourself some simple questions: Does the requestor distribute information I want to receive when working on educational or research projects or data that I need to perform my job? Do I want emails from this website and potentially their partners? Does the requestor represent a legitimate vendor, organization or individual? Do I trust them? If you can’t answer these questions satisfactorily, don’t give the requestor your email address.
- Also, before sharing your email address, read the terms of use, privacy statements and other notices posted on the site. Most organizations post links to their terms, statements and notices near the bottom of the home webpage. Look for these or similar words: “Terms and Conditions”, “Privacy Statement” and “Privacy Notice”. If the entity does not post terms, notices and statements and / or they indicate they plan to sell or distribute your electronic mail address to others, you may want to opt out of their electronic mailing list.
- Opt out when you don’t want to be included on electronic mailing lists. Some websites allow you to refuse (opt out of) offers to receive electronic mail from an entity or the entity’s partners. Becareful, opt in is typically the default action. You may have to explicitly opt-out by deselecting items on the webform.
- Do not reply to or forward chain letters. Try to limit the unintentional publication of your electronic mail address by avoiding participation in chain letters.
- Never respond to spam. Do not use the “Click here to be removed from this list” links that are often found in spam messages. By responding you are confirming that the spammer has obtained a valid, current electronic mail address. Instead, delete the message.
- Use a second email address for news and disscusion groups.
IV. Spyware
View PDFWhat is Spyware?
Spyware is a program that is used to secretly track, gather and transmit information about an individual by tracing the individual’s online footprints (activities). Spyware is used mostly by advertisers to send spam or junk mail.
Spyware is transferred onto your computer either from a virus, or when installing a new program or if you click on an “infected” pop-up. A lot of the free software downloaded from unreliable sources on the internet contains spyware which get transferred onto your computer when you install them. The advertisers and marketers pay to have the spyware included hence the software is available for “free”.
There are other data collection or tracking programs that are installed with the user’s prior knowledge and consent and used for legitimate purposes; these are not considered as spyware. Spyware is installed, tracks, collects information and transmits them back to unknown individuals without the users’ knowledge or consent. Cookie is an example of spyware.
How do you prevent spyware?
1) Never download unto your computer software programs or files from unknown or un-trusted sites on the internet. The most common way of transmitting spyware is via downloaded programs from the internet. However, there are some reputable sites that are usually free of spyware.
2) Avoid visiting questionable sites. Some spyware are installed automatically just by visiting an infected site even without downloading or installing any program.
3) Close unwanted or un-expected pop-ups immediately by clicking on the “X” on the upper right corer of the window. Never click within the pop-up window even if it says “cancel” or “close” or “exit”. Some pop-ups are deceptive as they include an image of a cancel or quit button within the pop-up misleading unsuspecting users into clicking the pop-up and activating the spyware.
4) Block Active X objects. If you’re using Internet Explorer as your browser, change the settings to “block Active X” objects.
To do this, :
a) Click “Tools”
b) Click “Internet Options”
c) Click the ” Security” tab;
d) Click on “Custom Level…”.
e) Scroll down a little to the “Active X controls and plug-ins” section, and check the Disable button on all applicable options (singed, unsigned, and unsafe Active X controls).
Some Active X objects are spyware so doing this will block them.
5) Activate Windows firewall and pop-up blocker.
Follow the steps under the pop-up section to activate the pop-up blocker.
To turn on the firewall, follow these steps:
a) Click on “Start”
b) Click “Control Panel”
c) Double click on “Windows Firewall”
d) Check the “On (recommended)” button
e) Check the “Don’t allow exceptions box”
f) Click “OK”
If you’re running Windows XP with Service Pack 2, then you can turn on the pop-up blocker and windows firewall. These actions won’t stop spyware altogether, but they can help reduce it.
V. Secure Sites
View PDFMost financial, banking and other commercial sites use a secure connection to conduct online transactions and/or transfer sensitive information over the internet. Secure connections involve using additional security features like encryption, authentication, session timeouts and digital certificates to protect data. Passwords and other data is encrypted and decrypted at both ends of the transmission (the requesting site and the responding site) to prevent anyone listening between both connections (hackers, crackers, sniffers etc.) from viewing, obtaining or altering sensitive information.
Most website URL’s begin with http:// before the main address but secure sites begin with https://. Typing https:// as opposed to the standard http:// into the Web site address activates the certificate and on connection, your browser then displays a padlock symbol on the status bar at the bottom of the browser to signify that the certificate has been activated. Never ever enter your credit card or other extremely sensitive information in any site that doesn’t have https:// preceding the URL and the padlock symbol
on the status bar.
Additionally, before connection is established, your browser may also display an alert to inform you that you are about to view pages over a secure connection and prompt you to either continue or quit.
The digital certificate is proof of the other site’s identity and genuineness and without it, your browser will not send any data through.
You can choose to proceed, quit or view the certificate.
Once you are on the secure site, Internet Explorer allows you to check the certificate. Double-click the lock icon on the status bar at the bottom of your browser. This displays the security certificate for the site.
Digital certificates prevent fraudulent sites from spoofing genuine sites for malicious intent. If the certificate obtained from a site doesn’t match the certificate expected by your browser, your browser will alert you before proceeding.
When you leave a secure site for one that isn’t secure, your browser will alert you so as to know that any information you transmit henceforth will no longer be encrypted or secure from others over the internet.
VI. Trusted and Restricted Sites
You can classify some websites as trusted sites if you are sure they are safe from spy-ware, spam, etc. Classifying them as such means whenever you visit them, your browser can assign a different, less rigorous level of security to them than other sites. A Restricted Site is the opposite of a Trusted Site. This classification is for sites that could be potentially harmful thus classifying them as Restricted means your browser can assign a more rigorous security setting to them to prevent harm, like prompting you before allowing pop-ups or cookies from such sites.
Making a site Trusted
To make a site trusted, on your Internet Explorer browser’s main menu select:
1) “Tools”
2) “Internet Options.”
3) “Security”
4) Click on the “Trusted sites” icon (the green circle with a white checkmark)
5) Click “Sites…”
6) Type the URL of the trusted site into the top box (NOTE: if you want to make a secure site trusted, it must have the “https:” prefix, and you need to check the “Require server verification (https:) for all sites in this zone” box below)
7) Click “Add”.
8) Click “OK”
To remove a trusted site, repeat steps 1 – 5, and in the “Web sites: ” section, select the site you wish to remove then click “Remove”, then click “OK”.
Making a site Restricted
Follow steps 1 – 3 then:
4) Click on the “Restricted sites” icon (the red circle with a white horizontal line)
5) Click on the “Sites…” button to type in the URL. (These sites will always be regarded as a restricted site by your browser until you change it).
6) Click “Add”
7) Click “OK”
To remove a restricted site, repeat steps 1 – 4, and in the “Web sites: ” section, select the site you wish to remove then click “Remove”, then click “OK”.