Computer Security

AICT Intrusion Prevention acts as a liason to the rest of campus for operational computer security issues and ensures that students and staff alike adhere to the University's computing policies and guidelines.  If you have concerns about the security of your computer, CCID, email, or any other day-to-day functions, please contact the AICT Computer Security Administrator at This email address is being protected from spambots. You need JavaScript enabled to view it. .  Remember, we will never ask for your password.

Facebook.  Twitter.  LinkedIn.  We all know of them, and most of us use them.  Social media sites focus on user-generated content, and they allow fo anyone to share their thoughts an opinions with a wide audience.  Whether you rely on these services to run a business, or use them on a personal scale, there are a wide range of security issues you need to be aware of.  Social engineering—not technical exploits—has become a primary method for gaining access to secure information.  Social engineering is the act of obtaining information by manipulating people through social psychology to achieve a goal.  Social networking websites have become a prime target for these types of attacks.

Abuse of email systems is one of the most popular issues concerning computer security and it is vital that people understand the risks involved with email.  The purpose of this section is to provide information that can protect you from the most poplular types of email abuse.

Why would anyone care about my emails?

Many people view email as a tool for quickly sending or receiving information and fail to realise their email contains far more valuables then a few simple messages.  Consider this:

• • How many contacts do you have in your address book?
  • Do you store website logins and passwords in archived emails?
  • Do you receive eBills (electronic bills) for services such as Cable, Internet and Utilities?

All of these items contain information that is valuable and can be sold.  You may ask why others would care about the contents of a seemingly insignificant email account but that mailing address in your eBill is a possible answer.  All the contact information in your address book is a gold mine for spammers as it provides them with email addresses that are most likely active and being read on a regular basis.

Yes, but didn't that email say it came from you?

Email was not designed with security in mind which makes it incredibly easy to spoof addresses and trick you into thinking you're corresponding with someone who isn't who they claim to be.  Often times these emails contain 'phishing' content where the ultimate goal is having a user give up important information such as usernames and passwords.  Phishing emails contain 3 primary characteristics:

• • They claim to come from a source of authority (University Administrators, Police, Government etc.)
  • They request that you give up personal information such as usernames and passwords.
  • They imply something negative will happen if you don't provide these details.

Why did that link take me to the wrong site?

Links in emails and websites contain two pieces of information.  The first is the text you read on the screen and click on when you want to follow that link.  The second is the code running behind the scenes that determines where that link will actually take you.  Just because a link says it will go to a particular website, does not mean this is where you'll end up.

Here's a harmless example: http://www.ualberta.ca

Even though this link says it goes to the University website, clicking it actually takes you to Google.  Many phishing emails abuse this method and replace the code with links to a website that look very similar to the real one.  Many people won't catch this and will end up giving their important information away without knowing it.

So what can I do about all this?

The most important thing you can do is use caution when using email. Under no conditions should you give any information to anyone via email no matter who they claim to be.  A few simple steps you can follow are:

• • Never reply to phishing or spam emails.  Doing so validates your account exists and will likely INCREASE the amount of unwanted mail you receive.
  • Be cautious of links in strange emails.  If you hover the mouse over the link, most browsers will show you in the bottom left where that link will take you.  If the address has typos or looks strange, don't click the link.
  • Unsubscribe links in spam emails are a trap and WILL NOT unsubscribe you.  They simply validate that your account exists.
  • Use extreme caution when opening attachments regardless of who they are from.  Remember, addresses can be spoofed.  If it contains files ending in .exe, .vbs, .bat or .scr DELETE THEM immediately.

Remember that we are here to make your life easier.  If you're not sure about an email or question where it came from you can either forward it to This email address is being protected from spambots. You need JavaScript enabled to view it. or contact us directly at (780) 492-1390.