Requirements

  • Active WPI Account

Introduction

In order to assist our users spotting phishing threats, the WPI email system helps identify emails originating outside of WPI with [EXT] in the subject line. In addition, our email system also provides other clues to spot threats, which are detailed below.

External Messages

New External Messages

[EXT] in the email subject line signifies the message was sent to you from an email address outside of WPI. 

Example of an external subject line:

[EXT] Your invoice is ready to view

Internal Replies and Forwards of External Messages

External emails will still contain the marker when replied to, even though the sender may be internal. The difference is that the subject line will begin with RE: or FW: followed by [EXT].

Example of an internally forwarded subject line:

FW: [EXT] Your invoice is ready to view

Example of an internally replied to subject line:

RE: [EXT] Your invoice is ready to view

Tool Tips

Safety tips and indicators for domain impersonation (pretending to be WPI.edu) and first contact (the first email from a given sender or address) are enabled. The system will show a notification in the event that the system detects the following:

  • The domain the message was sent from looks suspicious. This could be numbers in place of letters (hotmai1.com, where the "l" in hotmail is a "number one"), or subtle spelling mistakes (gooogle.com with a 3rd o). 
  • When receiving the first message from a given address. This is an important warning if the sender looks familiar to the recipient. It can help distinguish between subtle differences  in addresses highlighted above, such as using Jboyton@wpi.edu to impersonate  Jboynton@wpi.edu, where the first address is missing the first "n" in "Boynton".
  • Warnings about first contact will resemble the following, near the top of the email:
You don't often get email from your_boss@wbi.edu. Learn why this is important

Spoofing and Impersonation Protection

 Domain Protection also helps in addition to our phishing protection rules. This will detect messages from addresses doing email impersonations such as @wpi.edi. If a legitimate email mistakenly goes into the spam folder, users can flag the message as "not spam", though caution should be used to avoid restoring malicious emails. Only restore emails from "spam" that you are expecting, and from senders you recognize.

Safe Attachments 

Protections for Safe Attachments are also enabled. This will screen for potential malware in OneDrive, Teams, SharePoint, and Microsoft Apps. Items flagged as potential malware cannot be shared within the Microsoft 365 ecosystem. This benefits WPI by preventing the spread of malware. WPI ITS can assist in cases where attachments are known to be safe and legitimate.