Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Notifications of external emails

From: Adam Maynard <AMaynard () CLARKU EDU>
Date: Wed, 8 Feb 2017 17:25:32 +0000
You can setup a rule to convert all html URL's into plaintext. This idea got a lot of pushback where I am, but if 
you're already modifying messages it should be easy.

User awareness training is usually the best way to reduce phishing though. Any technical control won't be perfect. You 
can block know phishing pages/sources, by there's new ones created constantly.


-Adam

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Thomas 
Carter
Sent: Wednesday, February 8, 2017 9:58 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Notifications of external emails

We are trying to combat phishing by making users more aware of emails that come from outside campus vs internal emails. 
We've trialed using a mail rule to modify the subject line and prepend a flag (like "EXTERNAL:" or similar) but users 
complained it caused confusion (?) and they didn't like emails to be modified. I suspect a disclaimer added to the body 
of the message would be either ignored or disliked for the same reasons.

Has anyone else done something to somehow flag external emails? What was the feedback? How well does it work?

Thomas Carter
Network & Operations Manager / IT
Austin College
900 North Grand Avenue
Sherman, TX 75090
Phone: 903-813-2564
www.austincollege.edu<http://www.austincollege.edu/>
[http://www.austincollege.edu/images/AusColl_Logo_Email.gif]

Previous By Date Next
Previous By Thread Next

Current thread: