Protecting Yourself and Your Computer
In today’s computer environment, it is essential that steps are taken to eliminate or minimize exposure to computer viruses and other threats. There are many things that you can do to assist us in creating a safer and more efficient computing environment.
The Department of Education email system is for business purposes only. Any non-business use of email or other DOE resources is a violation of the Internet Acceptable Use Policy (IAUP).
- Don’t reply to any email advertising (SPAM)
- Don’t click the unsubscribe link on any spam or newsletter you receive
- Don’t click on a web link on emails from unknown or questionable sources
- Don’t open any attachments in emails from unknown or questionable sources
- Don’t use your DOE email address for internet purchases
- Don’t use your DOE email address to subscribe to newsletters
Emails from your colleagues will show their display name (lastname firstname, i.e.: Doe John) in the FROM field. If the email is fraudulently sent (spoofed) then it will show loginID@schools.nyc.gov (i.e.: JDoe@schools.nyc.gov) in the FROM field.
Phishing is using email to gain your trust and trick you into providing personal information to an unknown person or group. If you receive an email that you think is a “phish”, the tips below can keep you from taking the bait.
- Know the online companies you deal with. When a suspect email arrives, it could be fraud, it's definitely spam, and it is definitely not for you. Delete it.
- Examine the subject line of an email carefully. Citibank will never send you an email headed “_Citiibank_account_update ACT-N0W”. These messages may get through spam filters because they appear to come from a reputable source, but that doesn’t mean it’s really from Citibank.
Looking at the Email
- Understand how the companies you deal with want to interact with you. For example, banks usually want you to access your account through their website–not an email link. “Phishing” emails stand out because they don’t follow the rules.
- Practice safe browsing. Open a new browser window each time you log on to a web site that displays personal information. When you are done at that site, log out and close that browser window.
- Be sure to read emails that say they are from companies you know. Sometimes a real email will have a spelling or grammatical error, but anything more than one error is suspicious.
- Scroll over the links in emails you receive and check them. In some email systems, you can scroll over the different links in an email and see the actual contents of the link. If the email says PayPal, but the link content says “ www.paipall.com”, be careful. And note: URLs can be disguised—so don’t take a suspect link at face value.
- Never enter your personal or credit information into a form in an email. If you feel the email is legitimate, call the company or visit their web site and log in to provide the requested information.
- Expect good customer service. Unless your name is “eBay User” or “johndoe99”, most “phishing” emails are not personalized. If you receive a “Dear Customer” email, it may be time to move on.
Stay on Guard
- Read your statements – every one, every month to ensure your charges and debits are correct. Often information obtained through phishing is not used right away. Stay vigilant and report any suspicious activity immediately.
- Use and maintain your email protection software for spam blocking, fraud blocking, and anti-virus. If you have any questions, there are many fine web sites which can provide the latest information on the latest virus, “phishing” attack, or on-line scam. "Phishing" schemes will continue to get more sophisticated and harder to detect. A combination of technology and consumer awareness is the key to keeping the “phish” at bay and making your email good again.
Use of Non-DOE Email
The Department of Education’s email system is protected with multiple layers of anti-virus scanning technology. Every email that enters the DOE system is scanned by 6 different virus scan engines. That cannot be said of non-DOE email systems. Many of you have personal email accounts provided to you by your Internet Service Provider (ISP) or by email services such as Yahoo! or Hotmail. You can be infected with computer viruses through outside email. Do not configure your DOE e-mail client to connect to an external email account.