Jump to the main content block

Information Security

School of Science and Technology since August after renamed the Ministry of Education will be required for the school level to improve information security, so please pay attention to school colleagues, with the Ministry of Education in April and October each year the two universities on the e-mail social engineering exercise, the network Group is expected to advance 99 years 9 months to drill, then will send you some false or unknown but the theme is very attractive colleague Email email to your mailbox, please develop good habits, do not open them curious, if using Outlook Colleagues or Outlook Express, be sure to close the preview window, see the following content of propaganda.

Notes e-mail social engineering

  • Do not visit non-work-related or do not trust the Web site or e-mail
  • Do not download and install unauthorized software
  • From time to time update the operating system and applications Patch
  • Necessary protective software installed
  • Do not open suspicious letters or work-related attachments
  • Any reference to ”emergency”or” personal finance ” to maintain skepticism
  • If there is any point of the letter concerns, do not click the hyperlink in email
  • Do not fill out any email in the form of personal data
  • Enter credit card number on the site or personal data, must first confirm that the site is never really safe

Should be alert for e-mail

  • 「Why did I receive this message」
    • Sent from
  • 「Should I have received this e-mail」
    • Message subject
    • Message content
  • 「Should I open this message」
    • Whether business or work needs
    • Click the link does not open or whether it will affect
    • Assessment of acceptable risk
    • Due diligence(Colleagues, information center)

Finishing security settings

  • E-mail to cancel the preview function
    • To avoid the mistake to open a malicious e-mail
  • Turn off the automatic download mail photo
    • Prevention of malicious code with the picture of external
  • Read the message plain text mode
    • Contents of the letter to avoid execution of malicious
  • Cancel the automatic transmission slip
    • Gather information to prevent hackers

Effective way to identify phishing

  • Sender's name or e-mail address
    •  Are there exceptions? Need to confirm the identity of the sender
  • Web links, or whether the suspicious attachment file attachment
    •  URL link within the message to determine abnormal
    • www.microsoft-mis.com
    • www.hinet1.net , www.hinet.net
    • www.paper-pchome.com , www.pchorne.com
  • Malicious code attacks are often difficult to detect the file
  • With the recipient's daily work is related to
  • E-mail subject and content
    • With their work, whether the business-related
  • URL instead of using unknown IP(ex.http://220.33.444.12/)
    • Check the attached file
  • For the immediate-related e-mail, if contains threats, inducements, warnings,Tips, and message content, and then act as first thought, you should consider the possibility of fraud
  • Common virus attachment file extension (.bat、.pif、.exe、.zip、.src、.cmd、.rar等)

Internet malware and fraud prevention

  • Do not free to log on personal information sites on the unknown
  • Windows and the Office of the Pacth, anti-virus software and virus signatures to be updated frequently
  • E-Mail Popular name of the account to avoid
    • Log out registered mail, easy to receive many junk e-mail, use caution
  • Do not reply to e-mail of unknown origin
  • E-mail management
    • District office and personal use of the mail
  • Regular testing of the system
    • Regular security check
  • Physical isolation
    • Alert information should be isolated from the host operating entity