Re: Transport rule to put a header on external email

["Madl, Michael" <michael.madl () INDWES EDU>]

Hi Mandi,

I can definitely confirm that by adding a header to external email and explaining why, to the user community, has 
raised awareness to potential phishing attacks.  Our users second guess any external email and reach out to my office 
when they are unsure.  Compromised accounts have gone down in my opinion.   We have also implemented a REPORT PHISH 
button for all outlook users allowing them to report any suspicious emails that meet a certain criteria.


MICHAEL MADL
INFORMATION SECURITY OFFICER
UNIVERSITY INFORMATION TECHNOLOGY

[cid:image003.jpg@01D504C0.AC7E2DC0]


From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Mandi Witkovsky
Sent: Tuesday, May 7, 2019 9:40 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Transport rule to put a header on external email

** This message originated from outside the Indiana Wesleyan University email system **
________________________________
For those who have a rule set up to add a header to incoming external email, have you seen a decrease in security 
events, or a corresponding increase in awareness?  Did you whitelist any 3rd parties that send on your behalf so that 
the header doesn't appear?  Have you seen any pushback from people?  Thoughts on adding a header vs prepending 
"EXTERNAL" or some such in the subject line?

We're looking into adding this, and I wondered what experience you all have had.

Thanks,
mandi