This document provides training on email security and safe email practices. It discusses recognizing phishing emails and what to do if you respond to one, such as immediately changing your password. It defines spam as unsolicited email and notes spam can contain viruses, spyware, inappropriate content, or scams. It emphasizes to never send sensitive information like passwords or financial details over email, as the university will never request this via email. When in doubt about an email, users are advised to throw it out rather than risk clicking links or attachments.

1. An ITS Security Training ModuleVersion Oct 2009 v3CLICK “FULL” TO VIEW SLIDE IN FULL SCREEN.

2. You’ve Got Mail!When in doubt, throw it out.

3. Suspicious email opened…Now What?Section: You’ve Got Mail!If you…then you should…responded to a phishing email…entered your password on a suspect Web site…provided your password in an email… Call (919.962.HELP) immediately!Change your Onyen password at https://onyen.unc.edu/Save the phishing email to which you responded as it may help with troubleshooting.

4. Safe E-mail 101Section: You’ve Got Mail!Never send your password over email. UNC-Chapel Hill will NEVER send you an email asking for your password in response. Such attempts to get you to disclose your password are known as “phishing”. Do NOT click on links or attachments from unsolicited or in unusual email. Use common sense: Do not click on the link or open the attachment.When in doubt, throw it out.

5. Safe E-mail 101Section: You’ve Got Mail!Do not respond to “spam.” Discard or delete it. Do not use any “unsubscribe” feature in the spam. Do not purchase anything offered for sale in spam.Do not use E-mail to send Sensitive Information. Contact your IT department or the Information Security Office for more information on how to email securely.

6. What Is Computer Spam?Section: You’ve Got Mail!“Spam” is the term used to describe unsolicited or “junk” electronic mail.

7. SpamWhat’s the Big Deal?Section: You’ve Got Mail!may contain viruses, spyware, inappropriate material, or “scams”clogs email systemsincludes phishing, a form of spam that tries to elicit Sensitive Information such as passwords.UNC-Chapel Hill will NEVER ask you to disclose passwords, social security numbers or other Sensitive Information via email.

8. Learning Point # 11Section: You’ve Got Mail!You receive an email from the University’s Information Technology Services (ITS) asking for a verification of your login information. You should respond to the email and provide the requested information. Right?Wrong!ITS will never ask for login informationto be disclosed in an email. Login information, such as your Onyen and password, is considered Sensitive Information and should never be sent in an email. E-mail addresses can be spoofed, making them appear to be from a legitimate sender. If in doubt, contact 962-HELP to determinewhether an email is authentic.

9. Learning Point # 12Section: You’ve Got Mail!Spam is annoying, but it poses no threat. Some of the spam messages are actually links to interesting Web sites for purchasing computer products. Right?Wrong! Spam may contain malware or involve scams that solicit personal information, such as credit card information. Spam that contains links to scam Web sites harvesting Sensitive Information is called phishing.