Alerts NCSAM Newsletter Phishing

External Email Notification Helps Identify Phishes

In the coming weeks, we will introduce a new feature in our email system that will notify users of emails originating from outside of the university. This change is being made to make it easier for everyone at our institution to identify phishing emails. Phishing attacks are on the rise, and often employ multiple methods to make email recipients think that the emails are legitimate. For example, a phishing attempt may spoof the sender’s name, using wustl.edu in the email address (e.g. dean.wustl.edu@gmail.com).

Often, phishing attempts include seemingly urgent messages from the offices of university leaders. Phishing attempts are always malicious. Although phishing attempts often request prompt action in response to an urgent request, recipients should exercise extreme caution in opening, replying, downloading, or clicking on links in these emails. If a user receives an email from a spoofed university address, they should not engage with the email beyond forwarding it to phishing@wustl.edu so that our information security team can investigate the issue.

To help our users quickly and easily identify potential phishing attempts, we will place a banner on emails that originate from outside of university-approved locations. The banner will appear in the first line of the body of the email and will include the following message:

This banner will serve as a visual reminder that even if the email looks like it is from a known sender, it originated from outside of the university, and it may be a phishing attempt. Please visit informationsecurity.wustl.edu often for up-to-date guidance, resources, and information, and follow us on Twitter at @WUSTL_InfoSec.