Overview
This tool is intended to cut down the number of scam email messages that many University students, faculty, and staff receive every week.
- The policy compares an incoming email message to the history of messages in your Inbox
- When the name on the message matches a name in your email history, but the address is different from the previous address, then the anti-phishing policy flags that message as dangerous, adding a banner at the top to warn you of the anomaly
CHARLIE.COYOTE.USD.EDU32@GMAIL.COM appears similar to someone who previously sent you email, but may not be that person.
Learn why this could be a risk
- The messages will be delivered to the Junk email folder
- You must keep an eye on your Junk folder for legitimate messages and mark them as Not Junk
- We recommend keeping your Junk folder cleaned out each day to make finding legitimate messages easier
- Be careful with any email message containing a Security Tip
- If the message appears to come from your supervisor or co-worker, then confirm the message by calling a known number or sending a separate message to their University account.
Benefits
Will anti-phishing policy flag a legitimate email as suspicious?
- Yes - sometimes. People often mistakenly send a legitimate email from their personal account rather than their University account.
- This happens most often when the sender is using their mobile device to send a message because the native email app is probably configured to send email for both personal and University business.
How can I prevent legitimate messages I send from going to Junk?
- The best way to prevent your messages from being delivered to Junk is to *always* use your University email address to send messages to colleagues and students at USD.
- Use the Outlook Mobile app to manage your University email and use the native email app to manage your personal email. Using separate email apps for work and personal email is the best advice.
How can I prevent legitimate messages I receive from going to Junk?
- When a legitimate message is delivered to Junk
- Right-click the message
- Click Junk
- Click on Not Junk from the drop-down menu.
- Office 365 can begin to learn about legitimate messages from personal addresses. This method may work, but you should remind your colleagues to use a USD email address to send email messages. They may not be aware that they are sending an email using their personal account.
Why deliver suspicious messages to Junk?
- Hundreds of University employees are targeted each week by a simple scam that attempts to gain your personal cell phone number and possibly scam you out of hundreds of dollars. It is very simple and thus effective. The attacker uses the University web site to find a list of employees who report to an individual like a Dean or Chairperson. The attacker creates a legitimate email address with that supervisor’s name, such as charlie.coyote.usd.edu32@gmail.com. The attacker then sends a simple message:
From: charlie.coyote.usd.edu32@gmail.com:
Subject: Are you on campus
Are you available?
No calls only text 5555555555
Best Regards
Charlie Coyote
Dean of a Legitimate USD College
- Often people see this message on their phone, and they send a text message which gives the attacker their personal cell phone number. The attacker then tries to convince the victim to purchase gift cards and send pictures of the activation codes on the gift cards. This attack is most effective against student employees or new employees, but *many* people give away their cell phone number before they realize it is a scam.
Available To
Students Faculty and Staff
Cost
This service is available at no cost.