External email tagging [EXT]

Phishing is among the top security concerns for Information Technology, as there is little that can be done to prevent phishing attempts from being made, and therefore security against them relies heavily on the ability of individuals to identify and report phishing emails successfully. To that end, we try to make it as easy as possible for you to recognize phishing attempts wherever we can.

One way we're doing this is by tagging all external emails originating from sources other than official Stonehill email servers or services with [EXT] at the start of the Subject line. The [EXT] tag is designed to help you quickly identify possible phishing attempts, regardless of who the email claims to be from.

Remember, not all emails marked with [EXT] are necessarily phishing attempts. Most of the time, external emails will likely just be harmless advertisements, spam, or even correspondences with non-Stonehill people and institutions. The [EXT] tag is there simply to help you identify when an email is external, so that you can instantly and easily know which emails require a closer look, especially if an email is calling you to action (asking you to click a link, enter a password, provide personal information, etc).

Most importantly, if an email claims to be from a Stonehill sender, yet also carries the [EXT] tag, you can safely assume it is a phishing attempt, and at minimum check with us at IT before clicking any links, opening attachments, or replying/providing information.

Examples of Stonehill servers and services that won't be tagged with [EXT] include emails coming from an "@stonehill.edu" address, as well as eLearn, IT's ticket management system (TeamDynamix), and Microsoft's emails containing voicemails, missed calls, and quarantine reports.

Was this helpful?
100% helpful - 1 review


Article ID: 66789
Wed 11/7/18 2:16 PM
Sat 8/24/19 11:27 AM