Phishing is among the top security concerns for Stonehill College as there is little that can be done to prevent phishing attempts from being made. Security against phishing relies heavily on the ability of individuals to identify and report phishing emails successfully. The first line of defense is the filtering of spam and malware that Microsoft provides in Office365. In addition, IT has implemented 2 email security features to better help everyone in the Stonehill community to identify phishing emails.
"[EXT]" in the subject line
The first security feature tags each email originating from a source other than official Stonehill email servers or services with [EXT] at the start of the subject line. The [EXT] tag is designed to help you quickly identify possible phishing attempts, regardless of who the email claims to be from. Always keep in mind that an email from someone in the Stonehill community will not be tagged with [EXT].
Warning banner in the email body
The second security feature to help users identify suspicious emails is the addition of a banner to each email message that contains one or more specific words that are known to be used in phishing attacks. The banner shown below will appear at the top of the body of the email making it easy to see on computers and mobile devices.
Please note that emails marked with [EXT] or the banner aren’t necessarily phishing attempts. Most of the time, external emails will likely just be harmless advertisements, spam, or even correspondences with non-Stonehill people and institutions. The [EXT] and banner are there to help you identify when an email is from someone outside of the Stonehill community and has suspicious text. These features should alert you to messages that require a closer look, especially if the text asks you to click a link, enter your password or to perform a task for the sender.