Support BGU Support BGU
Computation and Cyber Security Division
Computation and Cyber Security Division
About us
הגן על המידע האישי שלך

Email security threats

​​​​​In the daily reality hostile elements try to access both personal and business information. Even though the Computation Center uses a number of mailbox protection tools, all university members and students must be aware of the dangers.

Phishing

Such emails are an attempt to convince you to disclose your bank details, personal information, or login information (username and password). Typical features of such messages include:

  • Link to a fraud site
  • The site can look like the website of your university / bank
  • Use scare tactics
  • Your mail account volume is about to expire
  • Financial opportunities like grants / student loans etc.

Note that in such a case, the sender's address or URL, will never be associated with bgu.ac.il.

Malware

The E-mail messages try to install malicious software on your computer (for example, computer viruses). They may collect information or try to block access to the computer or information and demand ransoms money to open it.
Malware is usually found in attachments or in a link included within the email that directs you to an infected website.

How did the malware come to you? There are several typical possibilities:

  • You visited a malicious site by clicking a link in a phishing message.
  • Your computer is vulnerable because it is not up to date with security updates for Windows, Java, QuickTime, Flash, Acrobat etc.
  • Your computer is vulnerable if you do not have antivirus software or your antivirus software is out-of-date.
  • You use a public computer (hotel, internet cafe, public library, etc.) that is infected with a virus that steals your password.
  • You respond to phishing - for example, a fake e-mail message that says you need to install XYZ to keep your computer safe, but XYZ is actually malware.
  • You use the same password for secure things (like university, internet banking) as you use for less secure things (social networking sites, instant messaging).
  • You download software from the internet that contains a virus (this is quite common with various file sharing software).

Spam

These emails usually post something that's hard to get through regular channels.

It's usually easy to detect such messages because of their misspelling, or because of the requirement to distribute them to all your friends – please do not.

Identify malicious emails and spam

Outlook hides the full email address from which the email was sent. Open the email, right-click the person's name, and select "Open Contact Card" to see the email address. In the web version, just click the person's name or picture to view the email address and anyone else. You can also view this information by displaying the message header. If the email address does not match (for example, does not match the name or inappropriate for the message sent), it's likely spam.

Often links names are misleading. Put the cursor over the link to see the link real address. If this is not what it supposed to be (for example a message that seems like sent from BGU computation Center with a link NOT within a website of Ben-Gurion University bgu.ac.il), it's probably garbage or worse.

In general, there is no reason for an external site to ask you to identify with the credentials of Ben-Gurion University.

If so, then it is probably malicious or spamming.

Even if it is addressed to you personally, it may still be spam.

If the attachment appears to be from a familiar contact, ask them if they sent it (but not by replying to the email).