Body
Overview
You are a critical step in helping to protect our shared computing resources. Security is best deployed in layers, so if one layer is breached, others can help protect those critical resources. In addition to the great work we do as a community by reporting and ignoring the requests in phishing emails, ITS has deployed tools and techniques to aid in your ability to detect a phishing message, and also prevent these messages from reaching your inbox. Approximately 700 flagged emails sent to members of the RMC community are automatically kept from reaching inboxes each month. That’s 700 messages a month we didn’t have to delete! Some of these techniques are:
- We partner with organizations like Microsoft, Palo Alto Networks, Artic Wolf, and REN-ISAC to help us identify attributes of messages that we know are malicious, and we send those messages right to your Junk Email folder. With Microsoft as our email provider, we are part of a large global community, potentially learning about malicious content after it impacts other users, and before it impacts RMC.
- If a message has a known malicious attachment, that attachment is replaced with a notice that an attachment was removed from the message before it is delivered to your Inbox.
- When you click on a link in most email, in real-time the link is scanned to see if it is sending you to a known malicious website. If it is, then you are redirected to a warning page notifying you the link was malicious.
- Faculty and staff may notice [EXTERNAL] appended to the subject of an email that originates from outside of RMC’s email system. If you see a message that looks like it may have come from a member of the RMC community, but it has the [EXTERNAL] tag in the subject, be suspicious, and maybe reach out to them in a new email (not a reply to that potentially fraudulent email) sent to their RMC account.
- RMC uses technology like mail server verification (SPF) and sender digital signature verification (DKIM) to help identify legitimate messages that do originate from outside our email system.
- PhishER is aligned with these same tags for automatic disposition of emails that do get through and are reported by our community, which is why it is so important to report messages using Outlook’s Phish Alert Button (PAB). If you are having trouble reporting a suspicious email, please forward it directly to the PhishER Intake Email Address.
- Thanks to you, we promptly quarantine and delete approximately 200 confirmed threats per month.
- Our stats show us that actively participating in monthly training is correlated to a significantly lower phish-prone state. While we still have work to do to reduce our collective phish-prone state of 11.6% down to the Education Industry standard of 5.4%, we want to recognize and congratulate our Staff for leading the way this academic year in helping us close that gap!
As threats become more sophisticated using artificial intelligence (AI), rest assured that we have the right tools in place to continue to help keep our community safe, with your assistance as our collective human firewall. We hope you recognize your role as active defenders against cyber threats and feel empowered and supported to make informed decisions that prioritize security and safety. The most comprehensive measurement tool we have to assess this is the Security Culture Survey (SCS), which is why we are requesting you complete it for May’s training opportunity. We will share the results in June.
Thank you in advance for helping us make sure that our security culture is both positive and effective!