UW Information Technology

October 4, 2021

In the never-ending battle against unwanted email, UW enlists new guardian


By Ignacio Lobos

It all started innocently enough with “You’ve got mail.” But like the movie that bears that name, incoming mail wore out its welcome in a hurry.

That’s because it didn’t take long for much of the “mail” headed for our inboxes to turn to junk — or worse, to electronic phishing hooks attempting to snare credentials, and to email with innocent-looking attachments harboring malicious viruses that threatened to destroy our computers, infect our contacts and burrow into the networks we’re tied to at work and home.

While there’s no perfect solution that will prevent all unwanted email from getting to your inbox, UW-IT hopes to build a fairly significant technological barrier by leveraging a powerful tool provided by one of the leading cybersecurity firms in the world and implementing it later this year. The UW’s current solution is being retired by the vendor.

The new email filtering platform comes with superior scanning abilities to help protect UW email from millions of needless, and sometimes dangerous, messages.

The UW’s Office of the Chief Information Security Officer has these tips to help you identify phishing and other online/email scams.

 

Today, stopping malicious email before it even gets to your box is of paramount importance. Consider key findings from the Federal Bureau of Investigation’s 2020 Internet Crime Report: Phishing was the top reported crime, with 791,790 nationwide complaints and reported losses of more than $4.2 billion.

The report also pointed to the continued increase in ransomware, when someone takes over a computer system and won’t release it until payment is made, with 2,474 incidents reported across the country.

Investing in security pays big dividends for the University

As these FBI statistics show, protecting email is anything but trivial.

Private and public institutions, including some prominent schools, health care systems, government agencies, and private companies, have fallen prey to cybercriminals. With the rise in cybersecurity threats, protecting email is a vital component in managing enterprise risk, one of UW-IT’s major strategic goals.


The UW has been scanning email for potential trouble for about two decades — more than 31 billion messages and counting. Today, UW Information Technology (UW-IT) processes more than 5 million messages a day, with about 2 million of them blocked immediately as spam, virus-laden or phishing.

“Even with many other types of electronic communication tools available, email continues to be the one most used for collaboration and communication at the University,” said Brad Greer, IT Infrastructure associate vice president. “If an email system fails to prevent junk mail, spam and viruses from coming through, it creates a massive risk and slows down the business of the entire institution.”

An enterprise email filtering system works behind the scenes and is not noticed by most email users. But it’s one of the many fundamental enterprise IT systems that everyone relies on 24×7, Greer explained.

Without a robust system and significant personnel resources to maintain vigilance, the UW’s email boxes would become clogged by tens of millions of junk emails in a matter of days, making it virtually impossible for people who depend on email to do their work.

Currently, the UW protects more than 700,000 UW email addresses, explained James Morris, who manages the University’s email infrastructure. The emails belong to current students, faculty and staff and to those who have retired, graduated or left the University but still forward their UW email to other email services. The UW’s broad base of research and global presence creates an added challenge in distinguishing legitimate mail from spam.

World leader in cybersecurity picked for the UW

With the current email filtering system being discontinued, UW-IT looked at the landscape of tools available that could meet the University’s needs and found Proofpoint.

Proofpoint already operates at several major research universities, more than half of the Fortune 100 companies — including leading global banks and retailers — and major pharmaceutical companies.

“With Proofpoint, we are seeking to improve the security of our email even further, so we can work to stay ahead of more sophisticated spam and phishing techniques,” Morris said.

Morris also expects to see improvements in the email block rate through Proofpoint’s better detection capabilities, so that bad email is blocked while legitimate email is delivered.

Implementation comes next

Now that negotiations are complete, UW-IT and Proofpoint are working together over the next several months to design, configure and implement UW’s new solution. Because of the complexity of our email environment, configuration and implementation will take some time to ensure they are done right.

“The goal is to have the new system in place between November and February, and the earlier the better,” Morris said.

The epitaph for email has been written several times in the last two decades, but for many, it remains an essential communications tool — one that needs to be protected.

And this new guardian will be doing just that.

If all your business email gets through and you only occasionally get an email from someone you don’t know trying to sell you something you don’t need, you’ll know the system is working.

A useful glossary of terms from the FBI’s 2020 Internet Crime Report:

Corporate Data Breach: A leak or spill of business data that is released from a secure location to an untrusted environment. It may also refer to a data breach within a corporation or business where sensitive, protected, or confidential data is copied, transmitted, viewed, stolen or used by an individual unauthorized to do so.
Identity Theft: Someone steals and uses personal identifying information, like a name or Social Security number, without permission to commit fraud or other crimes and/or (Account Takeover) a fraudster obtains account information to perpetrate fraud on existing accounts.
Malware/Scareware/Virus: Software or code intended to damage, disable, or capable of copying itself into a computer and/or computer systems to have a detrimental effect or destroy data.
Personal Data Breach: A leak/spill of personal data which is released from a secure location to an untrusted environment. Also, a security incident in which an individual’s sensitive, protected, or confidential data is copied, transmitted, viewed, stolen or used by an unauthorized individual.
Phishing/Vishing/Smishing/Pharming: The use of unsolicited email, text messages, and telephone calls purportedly from a legitimate company requesting personal, financial, and/or login credentials.
Ransomware: A type of malicious software designed to block access to a computer system until money is paid.
Spoofing: Contact information (phone number, email, and website) is deliberately falsified to mislead and appear to be from a legitimate source. For example, spoofed phone numbers making mass robocalls; spoofed emails sending mass spam; forged websites used to mislead and gather personal information. Often used in connection with other crime types.
Social Media: A complaint alleging the use of social networking or social media (Facebook, Twitter, Instagram, chat rooms, etc.) as a vector for fraud. Social Media does not include dating sites.
Tech Support: Subject posing as technical or customer support/service.