Internet Security

Virus Scanning is provided as a standard feature to all Dialup, ADSL, OntheNet Business Mail & Domain Hosting Product DN05.

How is OntheNet protecting me against viruses?

Our email scanners are constantly checking all incoming emails for potentially harmful viruses. In the event that an email has been sent to you containing a virus, our email scanners will quarantine the file and email you a notification to advise you that an email has been quarantined. Here is an example of a quarantined message:

This is a message from the MailScanner E-Mail Virus Protection Service
———————————————————————-
The original e-mail attachment “the entire message” was believed to be infected by a virus and has been replaced by this warning message.

If you wish to receive a copy of the *infected* attachment, please e-mail helpdesk and include the whole of this message in your request.
Alternatively, you can call them, with the contents of this message to hand when you call.

At Tue Sep 29 15:19:07 2009 the virus scanner said:
Clamd:  message was infected: HTML.Phishing.Bank-1232

Note to Help Desk: Look on firebird in /var/spool/MailScanner/quarantine/20090929 (message 58E5C4B3C05.ACC31).

Should you receive an email like the one above and you still require its quarantined contents please forward a copy of this message to support@onthenet.com.au.

Is there anything else that can be done to protect myself?

OntheNet recommend that secondary Anti-Virus is installed on all machines in order to combat any viruses that might get past our systems.
It is also recommended to avoid opening any emails from any sources unless you are certain of the identity and reliability of the sender.

OntheNet customers should ignore scam emails that appear to come from a bank or ask you to login and validate your account details.  We have seen them from every major Australian bank, credit card issuer and financial institutions such as Paypal.

The emails are very convincing and look like this (this is a genuine example)

bankscam

OntheNet customers should also be aware of emails that appear to come from OntheNet asking you to login or validate your account details.

Please be aware that OntheNet will never ask for your password via email. If you have any doubts please call Technical Support.

Here is an example:

Dear Subscriber,

Important Notice – We have temporarily limited access to sensitive  account features,To restore your account access, please you must  reply to this email immediately and enter your password here  (********) and Check out your new  features and enhancements with  your new and improved Onthenet account.

You can also confirm your email address by logging into your  Onthenet Account at http://webmail.onthenet.com.au/imp/login.php .  Click on the “Confirm email” link in the Activate Account box and  then enter this confirmation number: 1265-6778-8250-8393-5727  Failure to do this will immediately render your email address  deactivated from our database.

Thank You for Using Onthenet Email Service.

Creating Strong Passwords

It is becoming increasingly important to have strong passwords as the bad guys out there use more sophisticated techniques to try and access your personal information. So, what makes a strong password?

These are some simple rules to follow which should keep you out of trouble.

  • Increase the length of your password:
    No less than 8 characters.
    12 or more characters would be better.
  • Ensure that you use complex passwords as they work the best:
    Do NOT use words you would find in the dictionary or common names.
    Do NOT use consecutive numbers or letters like 0123 or ABC.
    Use all the characters and symbols available to you.
  • Do NOT use personal information that can easily be guessed such as:
    You or a family members birthday date.
    Wedding anniversaries.
  • Do NOT use the same passwords for all websites.
  • Do NOT have passwords written on sticky notes on and around your computer.
    If you need to have it written down then ensure it is kept in a safe place.

The following is an example of a method you can use to create a secure password. It uses a master phrase that you generate password variations from.

Steps to create a strong password:

Step 1: Create a master phrase by taking a word (or multiple words) and reversing it.

Eg: when “lovethebeach” is reversed it becomes “hcaebehtevol”.

Step 2: Strengthen the password by mixing in a number string such as a date that is meaningful to you (avoid using you or a family members birthday).

Eg: Add the date “251212” to the base phrase “hcaebehtevol” to become “hcaeb25eht12evol12”.

The above method is no doubt memorable for you but very difficult to be cracked.

To create an even stronger password add/replace characters with upper case characters or symbols. There are numerous other techniques that you can combine together so be creative.

Please DO NOT use the example password above or any that you see on websites as they are insecure due to the fact that they are publically available.

How to manage the challenge of multiple passwords

It is important it is to use strong passwords but this raises an obvious issue of having to use an ever-increasing number of strong passwords and store them in a secure manner.

A free application called LastPass is available for this purpose. LastPass can store passwords you have created, automatically create and store strong passwords for you and can also work in combination with additional security mechanisms like Google Authentication and hardware devices. It is available across multiple platforms and web browsers. See www.lastpass.com for more information.

Common sense should always prevail and while you can use applications like LastPass to store personal information such as bank account details you may not wish to do so until you are more familiar with the company and/or use advanced security features available within the package. You will need to carefully consider the settings you use, how you manage the single master password and how much you automate access to the devices that use such an application.

OntheNet has no commercial affiliation with LastPass.

How to change your OntheNet Passwords

To change the authentication password for a Broadband service please contact Technical Support.

To change the password for your OntheNet email address click here. Alternatively, contact Technical Support.

To change the password for Domain and/or Web Hosting services please contact Domain Administration.

How much does this service cost?

Spam Tagging & Filing is provided as a standard feature to all Dialup, ADSL, OntheNet Business Mail & Domain Hosting Product DN05.

How does the Spam system work?

OntheNet uses automated processes (Spam Tagging & Grey Listing) to attempt to identify Spam via incoming mail and those identified as potential Spam are either rejected or tagged. This process involves software making a decision about whether or not an item of email is undesirable and as a consequence will occasionally result in:

  • Some emails being rejected / deleted
  • Some undesirable emails / viruses being permitted
  • Emails that are not undesirable being filtered and stored separately (where Spam Filing applies)
  • The Spam that is tagged is either:
  • Delivered to the mailbox, and it is the mailbox owner’s responsibility to manage the Spam including set up of automatic spam filing if desired, or;
  • Where Spam Filing applies, the tagged spam is diverted so that it does not arrive in the user’s mailbox. The diverted, tagged email is filed in a separate mailbox and deleted after 30 days and it is the customer’s responsibility to manage these emails.

How do I check if my mail has been tagged and filed as Spam by the mail server?

All emails that have been tagged and filed are placed in a Junk Folder which can be viewed by using webmail. These emails are held on the server for approximately 14 days. Emails tagged as spam can be identified by their name which will look like (Spam?). Emails that have been Greylisted are added to a rejection list on our server. Contact Support for any concerns regarding Greylisted emails.

How do I turn the Spam system off?

If you wish to disable any Spam services please contact Technical Support.

How can I assist OntheNet / What information can I provide to OntheNet?

Each email sent on the internet contains detailed information about where it came from and how it was scored by scanners. OntheNet Virus/Spam Filtering Systems can use this information to find out more about the email and even help us adjust our settings to better pick up the emails you don’t want.

As our systems are not flawless there may be times where new spam that has recently surfaced may get passed our systems. This is not to be considered a fault or a flaw in the system but rather the system has not learnt of this spam yet. In most cases our systems will eventually learn about this spam automatically however sometimes we may ask you for additional information. The information we need from you are the ‘headers’ of the email.

Here some instructions to help you get this information. Make sure to refer to your appropriate email program. Once you have these details, please email them to support@onthenet.com.au

Outlook Express / Windows Mail:

  1. Select the message in the inbox or deleted items folder.
  2. Right click on the message and choose Properties from the menu.
  3. Properties box will appear. Choose Details tab from the top.
  4. Right click in the middle of the box and choose Select All from menu.
  5. Right click again on the highlighted text and choose copy.
  6. Create a new email and paste the information by right clicking in a blank area in the message window and choose paste from the menu.

Outlook 2000-2003:

  1. Select the message in the inbox or deleted items folder.
  2. Right click on the message and choose Options from the menu.
  3. Right click in the middle of the Internet Headers box and choose Select All from menu.
  4. Right click again on the highlighted text and choose copy.
  5. Create a new email and paste the information by right clicking in a blank area in the message window and choose paste from the menu.

Microsoft Entourage 2004 for Mac:

  1. Double click the message to view it in its own window
  2. Click “View”
  3. Click “Internet Headers”
  4. Copy the entire text in the headers box at the top