What is External Email?
External email is any mail message that comes into your email box from someone outside of the University of Rochester, URMC or UR Medicine. This includes organizations and people we may work with frequently, such as vendors, partners in the health care community, and associations. Before the message is delivered to your inbox, our email security system, Proofpoint, adds an alert to the body of the message to make you aware that it came from an external source:
What is the Risk of a Bad Email?
If you receive a malicious email and click a link, or provide your personal login information, you can compromise the security of our network. This could allow a virus, malware or ransomware to take hold of our systems. Following through on a message from a “bad actor” could also expose your information and cause you to lose files and can lock your account.
Bad actors sending malicious emails are getting harder and harder to spot, so it’s important to be vigilant and critical in reviewing your messages.
What Should I Do When I See the External Email Alert Banner?
It’s important to verify the email is legitimate because sometimes a new type of phishing message may not yet be known to the Proofpoint security system. (This is very rare but can happen.)
How Do I Verify An External Email is Legitimate?
There are several parts of an email message you can check to confirm it’s a legitimate message.
Step 1: Use your reading (preview) pane or open the message to view the header information on the message.
Step 2: Look at the sender’s full email address – you may hover your mouse cursor over the “From” to see the full address. Ask yourself:
Do I know this person or organization?
Does the email domain (@example.com) look right?
Does the address make sense compared to the name of who sent it?
Step 3: Look at the content of the message.
Are there obvious grammar, spelling or punctuation issues?
Does the tone of the message sound right?
Is the message attempting to elicit certain emotions or sense of urgency?
- Greed – offers money, gift card or reward for clicking a link or providing information
- Curiosity – promises an exciting outcome or more information
- Fear – threatens negative consequences, like shutting off an account or legal action
- Urgency – requires quick action or gives a short deadline
Step 4: Look at links in the content and attached files. (Be careful not to accidentally click a link!)
Were you expecting an attachment?
Does the file name of the attachment look appropriate?
PLEASE NOTE: In external mail, you cannot hover over a link to reveal the full URL. Proofpoint replaces links so that, when a link is clicked, it routes through a security filter. You must still exercise extreme caution with links in email messages and be certain they’re valid before clicking!
—– If the message passes inspection, proceed as usual! —–
If you are uncertain or would like help verifying an email, please contact the University IT Help Desk at (585) 275-2000 or the ISD Help Desk at (585) 275-3200.
If you believe the message is malicious or is a phishing attempt, please contact the ISD Help Desk immediately – do not click links, attachments or enter any information. The Help Desk will instruct you on how to proceed.
What Happens After I Report an Email Message as Suspicious?
A message reported as suspicious will be reviewed for security threats. A Help Desk or other IT representative will follow up with you.
How can I send a suspicious message when the Help Desk instructs me to?
Step 1: Start a new mail message
Step 3: Enter subject line: Spam Submission
Step 4: Click Attach Item and choose Outlook Item.
Step 5: Scroll to locate the message, click to select the message and click OK – it will appear as an attachment.
Step 6: Include a brief a message and your contact information, along with a Help Desk ticket number, if one has already been provided.
The University IT website also offer information on phishing, examples and what to watch out for to avoid taking the bait. Visit: https://tech.rochester.edu/security/phishing-education/