Information Technology Services > Information Security Services > Spam, Phishing, and Malware

Spam, Phishing, and Malware

Need help learning the difference between spam and phishing emails? Do you know when it is best to send a suspicious email to WSU’s Information Security team at abuse@wsu.edu?

Have questions about malware or the recent Multi-Factor Authentication (MFA) phishing attempts?

Read below for tips, instructions, and additional information on these security topics and more.

What is Spam?

Spam emails are unwanted messages sent out in bulk for business and advertisement purposes. While receiving spam emails can be frustrating and confusing, spam is often not malicious and does not typically attempt to steal your personal or private information. Instead, spammers communicate to promote a service, sell a product, or share business information.

Many businesses or organizations send spam emails, but users may also receive numerous spam emails from an individual or unknown person.

Due to the First Amendment’s right to free speech, WSU’s Information Security team is unable to block spam emails that do not have malicious links, attachments, or intentions. Users can follow any of the measures below to block spam email addresses or spam messages with Proofpoint or Outlook.

The more you teach your email program where you want certain emails to go, the more efficient your daily email lives will be. To help keep your inbox clean, WSU employs Proofpoint email protection services. Proofpoint’s email filtering system moves suspected spam or bulk email into your personal quarantine. If Proofpoint identifies and quarantines spam or bulk email, you will receive an end-user digest at 7:00 a.m. the next morning for your review. After 30 days, quarantined emails are permanently deleted from the system. If you have not received an end-user digest, Proofpoint has not identified spam or bulk email attempting to reach your inbox.

ProofPoint end user digest screen shot

System Commands

Request New End User Digest – Click if you would like to receive a new digest before the next scheduled delivery. You will receive a complete list of all messages currently in your quarantine.

Request Safe/Blocked Senders List – Click to have a complete list of all safe and blocked senders in Proofpoint emailed to you.

Manage My Account – Click to access your Proofpoint Web Console and view your quarantine, manage your settings, or update your safe and blocked senders lists.

Message Commands

Release – Click to deliver the message to your Outlook inbox and automatically report that the message is not spam.

Release and Allow Sender – Click to deliver the message to your Outlook inbox, add the sender to your Safe Senders List, and automatically report that the message is not spam.

Not Spam – Click to report the message as not being spam.

If you receive a new end-user digest, click Manage My Account to access and manage various Proofpoint settings.

End User Digest Settings

To receive an end-user digest whether you have new quarantined messages or not:

  • Click Profile > My Settings and check both options:
    • Send an End User Digest daily when I have new messages in my Quarantine, and
    • Send an End User Digest when there are no new messages in my Quarantine
  • Click Save

To have a complete list of your quarantined messages sent to you on-demand:

  • Click Options in the top menu bar and choose Request Digest.

Filtering Settings
Proofpoint offers three levels of spam detection:

  • Default is appropriate for most people and offers the best balance between stopping unwanted spam and bulk emails and allowing desired mail.
  • Relaxed is suitable if you are concerned about legitimate emails being stopped and would rather not wait for the daily end-user digest.
  • Restrictive is not recommended as it will quarantine any suspicious email, regardless of the system’s level of certainty about it being spam. Only use this filter if you are not concerned about the possibility of legitimate emails occasionally being quarantined.
  • None will allow all email you receive to bypass spam filtering.

To edit your spam detection filtering, click Profile > My Settings. Select the desired level under the What type of spam detection do you want? section.

Manage Blocked and Safe Senders
To view your blocked and safe senders, click Lists and select either Safe Senders List or Blocked Senders List in the top left menu:

  • Safe Senders List – messages from these senders or domains will bypass spam filtering and will be delivered directly to your inbox after being screened for viruses and other security threats.
  • Blocked Senders List – messages from these senders or domains will not reach your inbox and will be moved to your quarantine folder.

To add a new sender or domain to the Safe or Blocked Senders List, click New in the top menu bar, enter the email address or domain, click Save. Please remember to click Save after every entry and click Close when complete.

Preview Quarantined Messages
Safely preview the content of a message if are you unsure it is spam.

Click Quarantine > and select the message. The content will load in the preview pane at the bottom of the page. If the message has an attachment, you can download it by clicking on it.

Options for Quarantined Messages
Select a message in your quarantine and select one of the following options in the top menu bar:

  • Not Spam – Reports the message as not being spam.
  • Release – Delivers the message to your Outlook inbox and automatically reports that the message is not spam.
  • Delete – Deletes the message.
  • Allow Sender – Adds the sender to your Safe Senders List and automatically reports the message was not spam.

Messages that are too large to pass through our email system are kept in your quarantine for 30 days. The content of email messages with large attachments cannot be downloaded. If you want the email in Outlook, have the sender provide a copy of the message that does not contain the attachment.

Delete Quarantined Email
Any suspected spam or bulk email is kept in your quarantine for 30 days before it is permanently deleted from the system.

To manually delete all messages in your quarantine, click Quarantine, click Options in the top menu bar, and select Delete All.

Outlook Makes It Easy to Manage Spam Emails

To stop receiving emails from a spammer, add their email address to your blocked senders list. Outlook automatically moves all new emails from a blocked sender to your Junk Email folder.

  • Outlook for Mac
    (Legacy Outlook) Select a message from the spammer. In the top ribbon, select Junk > Block Sender.(New Outlook) Select a message from the spammer. In the top menu bar, select Message > Block. Confirm OK to block the sender.
  • Outlook for Windows
    Under the Home tab, select Junk (person icon with red circle) > Block Sender.
  • Outlook on the Web
    Select a message from the spammer and right-click. In the pop-up menu, select Block > Block Sender. Confirm OK to block the sender.
  • Outlook Mobile App
    Select a message from the spammer. Click the three dots at the top of the email. Click Report Junk and select Block Sender.

Outlook allows you to report an individual spam email as junk email. Reporting an email as junk moves the message to your Junk Email folder and sends a copy to Microsoft to help improve Outlook’s spam filters.

  • Outlook for Mac
    (Legacy Outlook) Select a message from the spammer. In the top menu bar, select Junk > Junk.(New Outlook) Select a message from the spammer. In the top ribbon, select Report > Report Junk.
  • Outlook for Windows
    Under the Home tab, select Report Message > Report as Junk.
  • Outlook on the Web
    Select a message from the spammer and right-click. In the pop-up menu, select Report > Report Junk. Confirm OK to report the junk email.
  • Outlook Mobile App
    Select a message from the spammer. Click the three dots at the top of the email. Click Report Junk and select Junk.

At this time, Microsoft only allows you to have 1,024 addresses or domains in your blocked senders list. However, you can always review the list and edit it when needed.

  • Outlook for Mac
    (New Outlook) In the top menu bar, select Tools > Junk Email Preferences.
  • Outlook for Windows
    Under the Home tab in the top ribbon, select Junk > Junk Email Options > Blocked Senders.
  • Outlook on the Web
    Click Settings (the gear icon) in the top right corner. Search for Blocked senders and domains and select the result.

Although spam email is often legitimate, please remember to be cautious with emails you did not ask for and messages from an unknown business or person. Never click on a link or attachment inside a spam email, including the familiar Unsubscribe button. It is much safer to block the sender instead of clicking Unsubscribe.

Please do not reply to spam messages. Replying can let the spammer know that your email account is active, and they may increase the level of spam they send.

Avoid posting your email address on social media or other online locations. It is critical to keep your personal information, including your email address, as private and protected as possible.

Learn how to determine the legitimacy of an email by understanding the difference between spam emails and phishing emails.

What is Phishing?

Phishing emails are fraudulent, malicious messages sent to steal personal information and sensitive data, including login credentials, credit card or bank information, and more.

Malicious third parties pretend to be reputable organizations, businesses, or people and send emails that appear valid to lure users into clicking a link, opening an attachment, or sharing private information.

If cyber attackers compromise a WSU account, they may trick users into trusting them by falsely presenting themselves as legitimate internal communicators.

Because cyber attackers work hard to deceive users into compromising private information, it may be challenging to determine if an email is a phishing attempt. To help users better identify phishing, a list of various phishing email characteristics is provided below.

  • Act Now
    Phishing emails will always ask you to do something. They will ask you to click on a link, open an attachment, reply with information, or contact an unknown identity. Never comply with their requests.
  • Act Fast
    Cyber attackers will attempt to manipulate your emotions by creating a sense of urgency. They may scare you, spark your curiosity, or take advantage of your compassion by giving an ultimatum or setting a short deadline to comply with their requests. Attackers use this tactic to trick users into responding quickly and without thought.
  • Generic Greetings
    Phishing emails often have impersonal greetings and do not refer to you by name. The cyber attacker may address you with a vague statement like “Dear Student” or “Dear User.”
  • Spelling, Grammar, and Language Errors
    Obvious grammatical, spelling, or language errors and awkward punctuation, sentence structure, or capitalization errors are very common in phishing attempts.
  • Check the “To:” Field
    Phishing emails are often sent to an undisclosed group of recipients. If the email’s “To:” field is empty, or says it was sent to undisclosed recipients, it is likely a phishing attempt. Cyber attackers also often send phishing emails to multiple recipients with the same first, middle, or last name.
  • Check the Domain
    Cyber attackers pose as an official organization or business, but they often send phishing emails with an email account registered with a free email service. Attackers will often claim to be with WSU, your bank, or another reputable organization but will use email accounts with a gmail.com domain or something similar.
  • Check the Sender
    Phishing emails may have a display name for a legitimate organization or person. Always check if the sender’s email address matches the display name. Attackers may also compromise a WSU account and send phishing emails to other WSU users to trick you into trusting them or believing they are a legit sender.

Malware

Cyber attackers often disguise malware in their phishing emails, infecting any unprotected computer connected to the internet within minutes of clicking a malicious link or opening a malicious attachment.

Malware infections put your and others’ personal data at risk.

  • Keep your system up to date
  • Use anti-virus software
  • Do not install untrusted software

  • Different browser homepage or start page
  • Changed settings you cannot change back
  • Ending up at a strange site when using search
  • System firewall has been turned off
  • Increased network activity while not active
  • Excessive pop-up windows
  • New icons, programs, or favorites you did not add
  • Frequent firewall alerts about unknown programs
  • Bad/slow system performance

MFA and Okta Verify

Multi-Factor Authentication (MFA) provides an additional layer of security to university accounts and resources. With a strong password and a unique MFA code, users can protect their information from malicious parties.

However, recent phishing attempts are using false MFA requests or manipulating users into sharing and approving verification requests.

To ensure your account and personal information remain secure from malicious parties, please only approve MFA requests if you are actively logging into WSU resources and have prompted MFA to be sent.

Your MFA must remain private. WSU will never ask you to share or approve a verification code. If you receive an email, text, or call from an unknown source asking to provide your MFA method or code, or confirm your credentials, do not reply.

WSU offers several verification options, but the best way to secure your account is by using the Okta Verify app for MFA. The app only works on one device and informs you of the approximate location and website for every active login attempt, giving you the most control over your MFA. By sending a quick push notification, the Okta Verify app also serves as the fastest MFA option.