Eurospan Information Security Guidelines

APPENDIX B

Information Security

Social Media

Information found on social networks can be used to steal your identity, trick you into installing
malware or divulging personal information such as date of birth, address, phone number and even
establish your relationships to other users.

 Be careful about what you post. Remember they are public sites.
 Be careful when creating connections to people. They may not be who they claim to be.
 Use strong passwords.
 Check the security settings for your account. Make sure you are only sharing what you want.
 Third party applications may share your information, always check.
 Keep up to date with the sites privacy policies. This is information about you and how they

manage it.
 Be cautious of clicking on posted links, regardless of source.

Web browsing

Reduce the risk of Internet browsing by following this advice.

 Keep your browser updated.
 Understand your browsers security features.
 Use a pop-up blocker.
 Don’t click on suspicious links.
 Be cautious of what you download.
 When visiting secure sites examine any warning messages carefully.

Identity Theft

Attackers can use your personal information to commit a number of criminal activities including fraud.
There are a number of ways in which they can gather your information, using technology, social
engineering and the information you post online are examples. Being aware of the risk and following the
suggestions given within this site will help reduce the risk of your identity being stolen.

Email

Attackers can use email to infect your computer with malware.

General guidelines
 Do not open any files attached to an email unless you know what it is, even if it appears to come
from someone you know. Some viruses can replicate themselves and spread through email
automatically. Be safe and confirm that they really sent it.
 Do not open any files attached to an email if the subject line is questionable or unexpected. If you
have to, always save the file to your hard drive before doing so.
 Delete chain emails and junk email. Do not forward or reply to any to them. These types of email
are considered spam, which is unsolicited, intrusive mail that wastes network and system
resources.
 When in doubt, always err on the side of caution and do not open, download, or execute any files
received as an email attachment. Not executing is the more important of these cautions.

Detailed Guidelines

Abusive Emails
If you are a victim of abusive emails please report this to your Manager. They will investigate and attempt
to resolve the issue on your behalf.

Spam
Spam is a prevailing problem and our hosted anti-spam service filters a huge amount every day. (Some
days over 90% of the email that arrives at Eurospan is filtered out as spam!). Whatever we do, some spam
will always get through, as spammers find new ways to evade detection. Likely spam messages are
highlighted with [SPAM?] in the email subject.

Phishing
Phishing attackers alter the sender details (to appear as if they had come from somewhere else) and
fraudulent websites designed to trick recipients into divulging personal data such as account
usernames and passwords, financial data, etc. By hijacking the trusted brands of well-known
organisations, banks, online retailers and credit card companies, phishers are able to convince up to
5% of recipients to respond to them.

Stay safe by following these guidelines:
 Treat all unsolicited email with suspicion, regardless of who the sender appears to be.
 Avoid clicking on links, or opening attachments in unsolicited email.
 Never send passwords by email
 When visiting a web site that requires a password, always carefully type the URL address by
hand, or better still, use a 'known-good' bookmark.