Email spam is unsolicited mass email. Some spam email can contain offensive content or it may have an attachment that contains a virus that has the potential to harm your computer or the network.
All incoming outside email messages are passed through the Ryerson mail filters to determine whether they are legitimate senders or from "spammers".
Appropriate measures will be taken to try and reduce the amount of incoming spam and reduce the number of messages that have been falsely flagged as spam.
Currently, incoming outside email messages passed through the Ryerson mail filters which are considered to be spam are quarantined and not delivered to your mailbox. This may cause potential problems because some legitimate messages are falsely flagged as spam, quarantined and the users don’t know about it. Currently, users contact CCS to check if a message they were expecting has been quarantined and if so CCS will manually release the message from quarantine.
Starting late March 2017 users will be able to manage their spam messages. Ryerson’s email system will no longer quarantine messages for users. RMail users will see a new folder called "Spam" in their mailbox and all spam messages will be delivered to that folder. If a message is not spam users should report it to firstname.lastname@example.org. They will also be able to move the message from the "Spam" folder into their Inbox or any other folder. The system will automatically remove messages in the Spam folder that are older than 30 days.
To protect your computer from spam, you should always take precautions including:
Often when CCS troubleshoots an email issue, or reported spam, it’s useful to have the “full headers” of a message. This helps to accurately track where a message came from.
Forwarding from Ryerson Webmail (RMail)
Ryerson Webmail (RMail)
Because of the way some external sites block Google content, it’s best to use an image hosted on Ryerson’s servers. Here is an image available to use: https://www.ryerson.ca/content/dam/brand/Ryerson-Logo-Email-Signature/RyersonLogo-EmailSig.png
You can add this to your Gmail signature. Click on the gear icon and select Settings > General > Signature. Then use the Insert Image icon, select the Web Address (URL) tab and enter the web address.
Ryerson is receiving an increasing number of "phishing" emails. Phishing emails are designed to deceive you into giving away confidential information like your Ryerson username and password, credit card number or bank account information. This page provides guidance on how to recognize phishing emails so you can report them and delete them.
Common traits of phishing emails:
Here is an example where the sender is pretending the email is from a ryerson address, but the actual address is really from uniswa.szabc.
Here is an example of an email that claims to be from FedEx where the actual address is from specweldfab.revitalsite.comabc.
It’s always worth taking a moment to carefully check the full email address of the sender.
Here is part of an urgent request that included a link to a fake Ryerson login page:
Here’s another example of an urgent request:
Both of these fake messages include tell-tale grammatical errors and demand you take action to avoid losing access to your account.
Hovering over a link with your mouse and carefully checking the URL is one of the best ways to detect a phishing email. If you are using a tablet or smartphone carefully press and hold the link, rather than tap, to reveal the true URL. Here's an example of a link that goes to a fake Ryerson login page hosted in a server in another country.
If you hover over the link without clicking you will see a very long URL (it may appear in the bottom-left of your browser) like this:
It may remind you of what you see in the location field of your browser when you log into the my.ryerson.ca portal. But it is not the same. Here is the valid address that you see when you login to my.ryerson.ca:
Aside from the fact the fake link is longer, how can you tell which one is a link to a server at Ryerson and which one is not?
Here is fake URL that has been well-crafted to look like a Ryerson address:
Notice how a hyphen has replaced the dot. A valid Ryerson host name that isn’t simply https://www.ryerson.ca must end with .ryerson.ca/
Let's look at two fedex URLs. Which one takes you to a Fedex site and which one to somewhere more dangerous?
To tell the difference, locate the first forward slash after the https://:
The first link takes you to the real fedex.com site. The second just has fedex in the name.
If you aren't sure about a link, type a link that you know is correct like my.ryerson.ca or fedex.com into the location bar of your browser instead of clicking.
The Ryerson community makes extensive use of Google Apps including Drive, Calendar, and Groups. The URLs for these applications can be very long but they all start with a host name that ends with .google.com:
The host name always ends before the first forward slash with .google.com/
Some attackers have used personal Google accounts and Google Forms to try to get people to "login" to a Google Form. This is relatively easy to spot because Google Forms don't look like Ryerson's or Google's login screens. Google has even added a warning at the bottom of every Google Form that says: "Never submit passwords through Google Forms."
Click on the gear icon and select Settings > Accounts. Verify that all information beside “Send mail as:” is correct.
Click on the gear icon and select Settings > Forwarding and POP/IMAP. Check that your mail isn’t being forwarded to anywhere you don’t want it to be.
Click Options > Mail > Local Account > Forwarding. Check that your mail isn’t being forwarded to anywhere you don’t want it to be