Summary
To help combat phishing and fraud, OIT will begin adding warning disclaimers to e-mail sent from the outside of our systems.
What is Happening?
The Office of Information (OIT) will be flagging e-mails that originate from outside of our e-mail system with a “Caution” warning. This does not necessarily mean the e-mail is fraudulent or a phishing scam, but is meant to give you extra information to make scamming more difficult. For instance, if an e-mail is supposed to have come from a supervisor but has the “Caution” warning, you will want to verify outside of e-mail whether the sender is legitimate.
What should I Expect?
The warning will show up at the top of an e-mail like below in color if available:
It will appear in plain text without colors for simple e-mails such as the ones sent from an iPhone. The 1st line preview of your mail client will also show the caution – allowing you to decide whether or not to be suspicious. Example:
What Do I Need To Do When I Receive This Caution?
If you were expecting the e-mail and/or the recipient is someone you regularly communicate with, you can safely ignore the caution warning. If, however, you suspect that the e-mail may be fraudulent, you can delete it if it is a nuisance or forward it to the help desk if it is a phish or scam that should be blocked network wide. If an e-mail comes from the outside purporting to be an employee or supervisor on our e-mail system or you are unsure of the identity, please contact the help desk and we can verify the e-mail’s origin.
Technical Background
E-mail has been around for well over 40 years in some shape or form. E-mail was never designed with security in mind and therefore it is really easy to pretend to be someone else online. Most free e-mail services let you set your name to whatever you like without verifying you are who you say you are. Scammers take advantage of this and try various methods to trick people into responding to their e-mails. While our SPAM filter blocks thousands of these a day, several of the cleverest will still make it through. The best defense against this is vigilance and skepticism from all of our users.
Previous Articles on Phishing
https://archoit.org/2018/10/29/beware-of-phishing-e-mails/
https://archoit.org/knowledgebase/phishing-kb/
https://archoit.org/knowledgebase/phishing-email-protection-in-microsoft-outlook/