You are now in the main content area

Handling Email Spam and Phishing

Spam

Email spam is unsolicited mass email. Some spam email can contain offensive content or it may have an attachment that contains a virus that has the potential to harm your computer or the network.

All incoming outside email messages are passed through the Ryerson mail filters to determine whether they are legitimate senders or from "spammers".

Appropriate measures will be taken to try and reduce the amount of incoming spam and reduce the number of messages that have been falsely flagged as spam.

Currently, incoming outside email messages passed through the Ryerson mail filters which are considered to be spam are quarantined and not delivered to your mailbox.  This may cause potential problems because some legitimate messages are falsely flagged as spam, quarantined and the users don’t know about it.  Currently, users contact CCS to check if a message they were expecting has been quarantined and if so CCS will manually release the message from quarantine.

Starting late March 2017 users will be able to manage their spam messages.  Ryerson’s email system will no longer quarantine messages for users.  RMail users will see a new folder called Spam in their mailbox and all spam messages will be delivered to that folder.  If a message is not spam users should report it to notspam@ryerson.ca.  They will also be able to move the message from the Spam folder into their Inbox or any other folder.  The system will automatically remove messages in the Spam folder that are older than 30 days.

To protect your computer from spam, you should always take precautions including:

  • Only open email from familiar contacts
  • Update your antivirus protection regularly and make sure email filtering is selected
  • Filter out unwanted spam messages by adjusting your email settings

Often when CCS troubleshoots an email issue, or reported spam, it’s useful to have the “full headers” of a message.  This helps to accurately track where a message came from.  

  1. Right click the email subject line and click Other. . .
  2. Click Display Full Headers.
  3. Copy the text to clipboard.
  4. Paste the text into a new message.
  5. Forward the email to spamrec@ryerson.ca.

To report spam:
Mark the message and click the  Spam button above the message. This will send a copy of the message to CCS and move it to the Spam folder

  1. Select the message.
  2. Using the menu buttonMore selections on Gmail , select Show original.
  3. Click Copy to clipboard.
  4. Paste into a new message.
  5. Forward the email to spamrec@ryerson.ca.
  1. Select the message.
  2. From the View menu select Headers then All.
  3. Forward the message.
  4. Forward the email to spamrec@ryerson.ca.
  1. Double-click the message to open it in a new window.  
  2. Click the File tab in the new window and click the Properties button.  
  3. The headers are in the bottom portion of the window (beside Internet headers:). Copy headers.
  4. Forward the original message and paste the copied headers into that message before sending it.
  5. Forward the email to spamrec@ryerson.ca.
  • From the Spam folder, mark the message as “not spam” by clicking the not spam button above the message. This will send a copy of the message to CCS and move the message to your Inbox.
  • Mark the message as “not spam” by clicking the not spam button above the message.
  • If the yellow bar above the message (“Why is this message in Spam?”) indicates that it was blocked due to your “organization's request” (see below), forward the message (with full headers) to notspam@ryerson.ca.
Example of yellow bar above the message

Because of the way some external sites block Google content, it’s best to use an image from the Ryerson branding site. Download and unzip the Logo Download file. Upload the Ryerson-rgb.png file to your My Drive on Google Drive.

You can add this to your Gmail signature. Click on the gear icon and select Settings General Signature. Then use the Insert Image iconselect the My Drive tab and click the Ryerson-rgb.png file. Click on Select. Click on the image and choose the appropriate size.

Phishing

Ryerson receives an increasing number of phishing emails each day - these emails are designed to deceive you into giving away confidential information like your Ryerson username and password, credit card number or bank account information.

Protect yourself whenever using email by knowing how to recognize phishing attempts so you can report and delete them.

  • The sender's address is suspicious.
  • The To field is blank or for another person.
  • The email includes typos or grammatical errors.
  • The message contains an urgent request for personal information.
  • The message requires immediate action to avoid a problem like losing access to your Ryerson account.
  • When you hover over a link or button in the email, it directs you to an address (usually suspicious) unrelated to the text in the link.
  • We've provided some samples to help you detect phishing emails. Many of these examples are derived from phishing emails that were sent to Ryerson email addresses. The links in these examples have been slightly modified to make them less dangerous but please don't attempt to visit these sites.

Here is an example where the sender is pretending the email is from a ryerson address, but the actual address is really from uniswa.szabc.

Email sender appears as 'no-reply@ryerson.ca' but next to it, you find that it's from 'pjmusi@uniswa.szabc'

Here is an example of an email that claims to be from FedEx where the actual address is from specweldfab.revitalsite.comabc.

Email sender field states 'FedEx International Ground' however, to the right you will find the actual address of 'richard.shepherd@specweldfab.revitalsite.comabc'

It’s always worth taking a moment to carefully check the full email address of the sender.

Here is part of an urgent request that included a link to a fake Ryerson login page:

Phishing email stating, 'Due to high numbers of inactive library accounts on our server, you are urged to validate your library account within a week after receiving this e-mail'

Here’s another example of an urgent request:

Phishing email stating, 'We would be shutting down several RYERSON MAIL Accounts. You will have to confirm your RYERSON MAIL Account. So you are required to provide us with the following information.  Full Name: Username: Password: Telephone'

Both of these fake messages include tell-tale grammatical errors and demand you take action to avoid losing access to your account.

Gmail

Click on the gear icon and select Settings Accounts.  Verify that all information beside “Send mail as:” is correct.

Click on the gear icon and select Settings Forwarding and POP/IMAP. Check that your mail isn’t being forwarded to anywhere you don’t want it to be.

Rmail

Click Options Mail Local Account Forwarding.  Check that your mail isn’t being forwarded to anywhere you don’t want it to be.